Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 5484+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
5484
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Latest Disclosures

medium · other · Jun 18, 2026

Kodak Admits Data Breach After

Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident. The post Kodak Admits Data Breach After ShinyHunters Hack Claims appeared first on SecurityWe

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · other · Jun 18, 2026

ShapedPlugin update flow

Multiple WordPress plugins from ShapedPlugin were compromised in a supply chain attack that distributed infected releases to paying customers via the vendor's official update system. [...]

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · legal · Jun 18, 2026

We Didn’t Have a Data

Esteban Morin, the Head of Legal at VRChat described a recent situation: Last week my company, VRChat, was the subject of multiple articles and social media outrage stemming from a data breach notice that was posted on t

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · other · Jun 17, 2026

The Top 10 Attack Surface

Breaches don't always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop — like MongoBleed earlier this year, which let at

View incident → Original disclosure Indexed 2 weeks, 2 days ago
critical · healthcare · Jun 17, 2026

IE: HSE fined €300,000 after

Louise Hickey reports: The HSE has been fined €300,000 by the Data Protection Commission (DPC) over a breach of patient’s personal data in 2018 at the Midland Regional Hospital, Tullamore. The Data Protection Commission

View incident → Original disclosure Indexed 2 weeks, 2 days ago
critical · finance · Jun 17, 2026

What 22,000 breaches teach us

The 2026 Verizon Data Breach Investigations Report analyzed more than 22,000 confirmed data breaches across 145 countries. Its findings point to a single uncomfortable truth: organizations cannot patch fast enough to pre

View incident → Original disclosure Indexed 2 weeks, 2 days ago
medium · other · Jun 17, 2026

Kodak

Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data. [...]

View incident → Original disclosure Indexed 2 weeks, 2 days ago
critical · other · Jun 16, 2026

One threat actor demanded $50

Yesterday, DataBreaches reported that FulcrumSec had hacked Danish pharmaceutical giant Novo Nordisk. FulcrumSec followed up on that reporting by releasing their own very detailed report on their dark web leak site about

View incident → Original disclosure Indexed 2 weeks, 3 days ago
medium · tech · Jun 15, 2026

Governing the ghost workforce

Every enterprise security team is fighting a workforce problem they cannot see on any org chart. Bots, service accounts, API keys, OAuth tokens, machine certificates — non-human identities now outnumber human ones in

View incident → Original disclosure Indexed 2 weeks, 4 days ago
high · tech · Jun 15, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access

View incident → Original disclosure Indexed 2 weeks, 4 days ago