2024 Data Breaches — Complete Disclosure Tracker

2024 Data Breaches (863 indexed)

high · tech · Jan 19, 2024

HPE / Hewlett Packard Enterprise

Russian Midnight Blizzard accessed email and SharePoint

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · tech · Jan 19, 2024

Microsoft (Midnight Blizzard)

Russian SVR hackers accessed senior executive email accounts for months via legacy OAuth app

View incident → Original disclosure Indexed 2 years, 3 months ago

medium · retail · Jan 18, 2024

Michaels Craft Stores

330K customer records including custom framing orders with home addresses exposed

View incident → Original disclosure Indexed 2 years, 3 months ago

high · tech · Jan 17, 2024

Schneider Electric (France)

Cactus ransomware stole 1.5TB — sustainability business division impacted

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · tech · Jan 17, 2024

Naz.API

70,840,771 records exposed — Email addresses, Passwords

View incident → Indexed 2 years, 3 months ago

critical · tech · Jan 17, 2024

Naz.API Compilation

26B records compiled from credential-stuffing logs and stealer malware — largest compilation ever

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · tech · Jan 17, 2024

Comcast / Xfinity (2024)

36M customer records from Citrix Bleed breach notifications

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · tech · Jan 16, 2024

Trello (2024)

15.1M user records scraped via public API endpoint

View incident → Original disclosure Indexed 2 years, 3 months ago

high · retail · Jan 16, 2024

Jason's Deli

345K customer records compromised in credential stuffing

View incident → Original disclosure Indexed 2 years, 3 months ago

high · tech · Jan 16, 2024

Trello (Atlassian)

15M user records scraped via exposed API endpoint

View incident → Original disclosure Indexed 2 years, 3 months ago

high · government · Jan 16, 2024

City of Fort Worth TX

500K resident records leaked from public portal

View incident → Original disclosure Indexed 2 years, 3 months ago

medium · government · Jan 15, 2024

Wollongong City Council (Australia)

Ransomware disrupted council services — resident data at risk

View incident → Original disclosure Indexed 2 years, 3 months ago

high · tech · Jan 15, 2024

Discord (Third-Party Leak)

600M user messages and metadata scraped and posted to dark web marketplace

View incident → Original disclosure Indexed 2 years, 3 months ago

high · healthcare · Jan 15, 2024

Select Medical Holdings

380K patient records from rehabilitation hospitals exposed via compromised EHR vendor

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · tech · Jan 15, 2024

Atlassian (Confluence breach)

3.2M workspace records exposed via CVE exploitation

View incident → Original disclosure Indexed 2 years, 3 months ago

high · healthcare · Jan 15, 2024

Trillium Health Partners (Ontario)

420K patient records compromised in ransomware attack

View incident → Original disclosure Indexed 2 years, 3 months ago

high · finance · Jan 15, 2024

SoFi

240K customer records exposed via third-party vendor

View incident → Original disclosure Indexed 2 years, 3 months ago

high · government · Jan 14, 2024

City of Savannah GA

Ransomware disrupted city services

View incident → Original disclosure Indexed 2 years, 3 months ago

medium · education · Jan 12, 2024

Edmonds School District (WA)

14K student records exposed in data breach

View incident → Original disclosure Indexed 2 years, 3 months ago

medium · retail · Jan 12, 2024

Sam's Club

90K customer records exposed in credential stuffing

View incident → Original disclosure Indexed 2 years, 3 months ago

high · legal · Jan 12, 2024

Cravath Swaine & Moore LLP

SEC insider trading investigation — Chinese hackers targeted deal data in M&A cases

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · healthcare · Jan 12, 2024

Regal Medical Group

3.3M patient records exposed in data exfiltration incident

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · retail · Jan 12, 2024

Hathway

4,670,080 records exposed — Device information, Email addresses, IP addresses, Names and 5 more

View incident → Original disclosure Indexed 2 years, 3 months ago

critical · tech · Jan 10, 2024

Ivanti VPN (Multiple Victims)

Critical zero-day chain exploited by state-sponsored actors — CISA emergency directive

View incident → Original disclosure Indexed 2 years, 3 months ago