Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 5484+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
5484
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Latest Disclosures

medium · government · Jun 19, 2026

CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged Fortinet customers to secure their devices after nearly 74,000 firewall and VPN credentials were exposed in a data leak dubbed "FortiBleed." [...]

medium · retail · Jun 19, 2026

M365 Copilot SearchLeak

A recent proof-of-concept attack against Microsoft’s M365 Copilot Enterprise highlights what could be a much broader prompt injection threat based on a common way many AI-enhanced web services operate. Dubbed SearchLe

medium · healthcare · Jun 19, 2026

Blue Fish Pediatrics

Ahmed Humble reports that 41,485 Texans may have had personal and protected health information exposed in a data breach involving a Houston-based Blue Fish Pediatrics. The breach reportedly occurred between July 11 and J

critical · government · Jun 18, 2026

Telegram

India's government has told the Delhi High Court that Telegram was warned about two weeks before it was blocked, and that the platform admitted it could not proactively detect the channels selling leaked exam papers. Tel

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · other · Jun 18, 2026

Kodak Admits Data Breach After

Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident. The post Kodak Admits Data Breach After ShinyHunters Hack Claims appeared first on SecurityWe

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · other · Jun 18, 2026

ShapedPlugin update flow

Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor's official update system. [...]

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · legal · Jun 18, 2026

We Didn’t Have a Data

Esteban Morin, the Head of Legal at VRChat described a recent situation: Last week my company, VRChat, was the subject of multiple articles and social media outrage stemming from a data breach notice that was posted on t

View incident → Original disclosure Indexed 2 weeks, 1 day ago
high · retail · Jun 18, 2026

FortiBleed campaign

A massive credential-compromise campaign dubbed “Fortibleed” has been found to expose tens of thousands of Fortinet devices worldwide, with researchers warning of persistent attacker access to affected enterprise environ

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · other · Jun 18, 2026

Nintendo

Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. [...]

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · tech · Jun 18, 2026

ThreatsDay Bulletin

The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS attacks ran in memory

View incident → Original disclosure Indexed 2 weeks, 1 day ago
critical · other · Jun 18, 2026

UK: More than one year

In February 2025, after the Medusa ransomware gang claimed responsibility for an attack on the UK healthcare provider HCRG Care Group, HCRG confirmed it had been breached but would only say it was investigating. While th

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · other · Jun 18, 2026

Data analysis of the Global

This is the first part of a two-part report of findings from the Global Schools Group data breach. All statistical analyses and findings were provided to DataBreaches by FulcrumSec, and are presented to assist those inve

View incident → Original disclosure Indexed 2 weeks, 1 day ago