State of Ohio Unemployment System
890K unemployment claimant records exposed via compromised benefits administration portal
2026 Data Breaches Year-to-Date (462 indexed)
Walgreens Boots Alliance
2.1M pharmacy patient records exposed via compromised health services vendor
North Korean Hackers Use Deepfake
Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware
Mastercard (EU Processing)
680K European cardholder records exposed via compromised transaction processing node
Microsoft Windows
Microsoft Windows Improper Privilege Management Vulnerability — Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privile
Gowling WLG
210K client records compromised via vendor
Weston Foods (George Weston)
340K employee and supply records exposed
Microsoft Office
Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability — Microsoft Office Word contains a reliance on untrusted inputs in a security decision vulnerability that could allow an authorized
Microsoft Windows
Microsoft Windows Type Confusion Vulnerability — Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.
Microsoft Windows
Microsoft Windows Shell Protection Mechanism Failure Vulnerability — Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature ov
Microsoft Windows
Microsoft Windows NULL Pointer Dereference Vulnerability — Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
Microsoft Windows
Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability — Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feat
Oman Ministry of Health
280K patient records exposed
Banco de Chile
450K customer records exposed in credential harvesting
Rio Tinto (2026)
670K mining operational records exposed in targeted espionage
Jean Coutu (Pharmacy)
450K patient records exposed in POS breach
KU Leuven (Belgium)
190K student records exposed
Association Nationale des Premiers Secours
5,600 records exposed — Dates of birth, Email addresses, Names, Places of birth and 1 more
“Digital Parasite” Warning as Attackers
Picus Security warns of the increasingly sophisticated ways malicious activity is staying hidden
Toy Battles
1,017 records exposed — Chat logs, Email addresses, IP addresses, Usernames
Deutsche Telekom (Germany)
3.1M customer records accessed via compromised customer service platform
SaskPower (Canada)
340K customer utility records exposed via compromised billing system vendor
Thales Group (France)
340K defense and aerospace employee records exposed via LockBit 3.0 ransomware
Researchers Find 40,000+ Exposed OpenClaw
SecurityScorecard has identified over 40,000 OpenClaw deployments exposed to potential attack