2025 Data Breaches — Year-to-Date Disclosure Tracker

2025 Data Breaches (637 indexed)

high · tech · Nov 14, 2025

Fortinet FortiWeb

Fortinet FortiWeb Path Traversal Vulnerability — Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on the system via crafted

View incident → Original disclosure Indexed 4 months, 4 weeks ago

high · finance · Nov 12, 2025

American Express (AMEX)

680K card member records exposed via compromised merchant processing partner system

View incident → Original disclosure Indexed 4 months, 4 weeks ago

critical · healthcare · Nov 12, 2025

NewYork-Presbyterian Hospital

850K patient records exposed via compromised clinical documentation vendor

View incident → Original disclosure Indexed 4 months, 4 weeks ago

medium · tech · Nov 8, 2025

TISZA Világ

198,520 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 1 more

View incident → Original disclosure Indexed 5 months ago

critical · tech · Nov 6, 2025

Synthient Credential Stuffing Threat Data

1,957,476,021 records exposed — Email addresses, Passwords

View incident → Indexed 5 months ago

medium · education · Nov 5, 2025

National and Kapodistrian University of Athens

150K student records stolen

View incident → Original disclosure Indexed 5 months ago

high · healthcare · Nov 5, 2025

Hartford Healthcare (Connecticut)

560K patient records stolen

View incident → Original disclosure Indexed 5 months ago

high · other · Nov 5, 2025

Ecopetrol (Colombia)

340K employee records compromised

View incident → Original disclosure Indexed 5 months ago

medium · tech · Nov 5, 2025

Netlify

190K customer deployment records and API keys compromised

View incident → Original disclosure Indexed 5 months ago

high · government · Nov 5, 2025

Government of Saskatchewan (Canada)

280K citizen records exposed via ransomware on provincial healthcare and social services

View incident → Original disclosure Indexed 5 months ago

high · government · Nov 5, 2025

City of Halifax

210K resident records exposed in network breach

View incident → Original disclosure Indexed 5 months ago

high · tech · Nov 5, 2025

AIS Thailand

890K subscriber records exposed in vendor breach

View incident → Original disclosure Indexed 5 months ago

high · retail · Nov 5, 2025

Publix Super Markets

450K customer records compromised

View incident → Original disclosure Indexed 5 months ago

high · other · Nov 5, 2025

Danone

340K employee records stolen in credential harvesting

View incident → Original disclosure Indexed 5 months ago

high · healthcare · Nov 5, 2025

Providence Health Care (Vancouver)

560K patient records compromised

View incident → Original disclosure Indexed 5 months ago

high · education · Nov 5, 2025

University of Wisconsin

670K student records compromised

View incident → Original disclosure Indexed 5 months ago

high · retail · Nov 5, 2025

Best Buy (vendor incident)

560K customer records compromised through third-party

View incident → Original disclosure Indexed 5 months ago

critical · retail · Nov 1, 2025

H&M Group

1.2M customer records compromised

View incident → Original disclosure Indexed 5 months, 1 week ago

high · tech · Nov 1, 2025

MediaTek (Taiwan)

340K semiconductor records compromised

View incident → Original disclosure Indexed 5 months, 1 week ago

high · tech · Nov 1, 2025

Nokia Networks

450K client infrastructure records exposed

View incident → Original disclosure Indexed 5 months, 1 week ago

medium · legal · Nov 1, 2025

Cassels Brock (Canada)

180K client records exposed

View incident → Original disclosure Indexed 5 months, 1 week ago

medium · government · Nov 1, 2025

Invest NI

95K business records exposed in vendor breach

View incident → Original disclosure Indexed 5 months, 1 week ago

critical · healthcare · Nov 1, 2025

Ontario Health (2025)

1.6M patient records compromised in ransomware incident

View incident → Original disclosure Indexed 5 months, 1 week ago

high · finance · Nov 1, 2025

Munich Re

340K reinsurance client records compromised

View incident → Original disclosure Indexed 5 months, 1 week ago