Baptist Health (Florida)
340K patient records compromised
2026 Data Breaches Year-to-Date (462 indexed)
Infosys (India)
6.5M client records from BPO division exposed via compromised McCamish Systems subsidiary
Japan Post Holdings
1.5M postal banking records exposed
City of Nashville
450K resident records compromised in vendor breach
Panera Bread
5,112,502 records exposed — Email addresses, Names, Phone numbers, Physical addresses
Singtel (Singapore)
1.8M customer records exfiltrated from subsidiary Optus-linked systems via shared infrastructure
Cigna Group
1.4M member pharmacy and benefits records accessed via compromised business associate
Rio Tinto (Mining)
210K employee records and joint venture data compromised via compromised collaboration platform
Ivanti Endpoint Manager Mobile (EPMM)
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code executi
Province of Ontario (ServiceOntario)
2.1M citizen records from drivers license and health card renewal system compromised
Johnson & Johnson
620K patient medical device registration records exposed via compromised portal
Woolworths Group (Australia)
860K Everyday Rewards member records exposed via supply chain software vulnerability
Target Corporation (2026)
890K customer credit applications and RedCard data exposed via compromised credit processor
Deutsche Bank
1.8M customer records from private banking division exposed via compromised document management
SoundCloud
29,815,722 records exposed — Avatars, Email addresses, Geographic locations, Names and 2 more
GitHub Enterprise Cloud
14M private repository metadata records exposed via OAuth app token leakage
Fortinet Multiple Products
Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability — Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy contain an authentication bypass using an alternate path o
SmarterTools SmarterMail
SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability — SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an unauthentica
Linux Kernel
Linux Kernel Integer Overflow Vulnerability — Linux Kernel contains an integer overflow vulnerability in the create_elf_tables() function which could allow an unprivileged local user with access to SUID (or otherwise pri
Uber Technologies (2026)
570K driver records including SSNs and banking details accessed via compromised HR system
Microsoft Office
Microsoft Office Security Feature Bypass Vulnerability — Microsoft Office contains a security feature bypass vulnerability in which reliance on untrusted inputs in a security decision in Microsoft Office could allow an u
GNU InetUtils
GNU InetUtils Argument Injection Vulnerability — GNU InetUtils contains an argument injection vulnerability in telnetd that could allow for remote authentication bypass via a "-f root" value for the USER environment vari
SmarterTools SmarterMail
SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability — SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the passwor
Charles Schwab
920K brokerage account records exposed via compromised data analytics vendor