2025 Data Breaches — Year-to-Date Disclosure Tracker

2025 Data Breaches (637 indexed)

high · healthcare · Mar 15, 2025

BC Cancer Agency

680K patient treatment records exposed via compromised research data warehouse

View incident → Original disclosure Indexed 1 year ago

critical · legal · Mar 15, 2025

Freshfields Bruckhaus Deringer

670K records from antitrust investigations and merger reviews exposed via insider access

View incident → Original disclosure Indexed 1 year ago

high · healthcare · Mar 14, 2025

MedStar Health (Washington DC)

183K patient records exposed via compromised email accounts — phishing attack

View incident → Original disclosure Indexed 1 year ago

high · other · Mar 13, 2025

Nissan Oceania

100K customer and employee records stolen — government IDs, insurance, and loan data exposed

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · finance · Mar 12, 2025

Manulife Financial (Canada)

2.4M policyholder records exposed via compromised third-party benefits administrator

View incident → Original disclosure Indexed 1 year, 1 month ago

high · government · Mar 12, 2025

Police Scotland

198K records including officer and witness personal data exposed via third-party print vendor

View incident → Original disclosure Indexed 1 year, 1 month ago

high · tech · Mar 12, 2025

BT Group (British Telecom)

890K customer records compromised in network intrusion

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · finance · Mar 10, 2025

Paytm (India)

1.3M payment records exposed via API vulnerability

View incident → Original disclosure Indexed 1 year, 1 month ago

medium · education · Mar 10, 2025

University of Regina

130K student records exposed

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · finance · Mar 10, 2025

BNP Paribas

1.3M customer records compromised

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · other · Mar 10, 2025

Shell plc

1.3M employee and operational records exposed in supply chain attack

View incident → Original disclosure Indexed 1 year, 1 month ago

high · healthcare · Mar 10, 2025

Tokyo Metropolitan Cancer Hospital

287K patient oncology records exfiltrated — unauthorized access via VPN zero-day

View incident → Original disclosure Indexed 1 year, 1 month ago

high · tech · Mar 10, 2025

Videotron (Quebec)

340K subscriber records compromised

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · finance · Mar 10, 2025

ANZ Banking Group

1.2M customer records exposed in vendor incident

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · healthcare · Mar 10, 2025

Telus Health

1.4M patient records compromised in targeted attack

View incident → Original disclosure Indexed 1 year, 1 month ago

high · finance · Mar 10, 2025

Kuwait Finance House

340K banking records compromised

View incident → Original disclosure Indexed 1 year, 1 month ago

high · other · Mar 8, 2025

EnBW Energie Baden-Wurttemberg (Germany)

180K customer records exposed via ransomware on customer service systems

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · government · Mar 8, 2025

CISA (Internal Systems)

CISA confirmed breach of two internal systems — Ivanti Connect Secure vulnerability exploited

View incident → Original disclosure Indexed 1 year, 1 month ago

high · finance · Mar 8, 2025

Mercury Financial (Fintech)

620K startup banking customer records exposed via compromised employee credentials

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · healthcare · Mar 8, 2025

Yale New Haven Health System

5.6M patient records exposed including SSNs and medical record numbers — $18M settlement

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · healthcare · Mar 8, 2025

Cerebral Inc.

3.1M mental health patient records shared with advertising platforms via tracking pixels

View incident → Original disclosure Indexed 1 year, 1 month ago

critical · retail · Mar 7, 2025

Dollar Tree / Family Dollar

2M customer and employee records exposed via Zeroed-In Technologies vendor breach

View incident → Original disclosure Indexed 1 year, 1 month ago

high · healthcare · Mar 5, 2025

Olympus Corporation (Japan)

280K medical device records exposed

View incident → Original disclosure Indexed 1 year, 1 month ago

high · healthcare · Mar 5, 2025

Fraser Health (BC)

890K patient records exposed in network breach

View incident → Original disclosure Indexed 1 year, 1 month ago