Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
747
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

2026 Data Breaches Year-to-Date (747 indexed)

critical · legal · Jul 6, 2026

Carrie Tait

Carrie Tait reports: A retired lawyer is suing Alberta, its Chief Electoral Officer and two organizations that support secession for their respective roles in an alleged data breach affecting 2.9 million residents in the

View incident → Original disclosure Indexed 6 days, 1 hour ago
high · healthcare · Jul 4, 2026

AdaptHealth

Connor Jones reports: AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing. The medical equipment company disclo

View incident → Original disclosure Indexed 1 week, 1 day ago
high · tech · Jul 1, 2026

Microsoft SharePoint Server

Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability — Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code ove

View incident → Original disclosure Indexed 1 week, 4 days ago
high · tech · Jun 29, 2026

SimpleHelp SimpleHelp

SimpleHelp Authentication Bypass Vulnerability — SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login

View incident → Original disclosure Indexed 1 week, 6 days ago
high · retail · Jun 28, 2026

Sysco

2,691,852 records exposed — Customer feedback, Email addresses, Employers, Job titles and 4 more

View incident → Indexed 2 weeks ago
medium · tech · Jun 26, 2026

American Tower

216,601 records exposed — Email addresses, Job titles, Names, Phone numbers and 1 more

View incident → Indexed 2 weeks, 2 days ago
high · tech · Jun 25, 2026

PTC Windchill and FlexPLM

PTC Windchill and FlexPLM Improper Input Validation Vulnerability — PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by

View incident → Original disclosure Indexed 2 weeks, 3 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Path Traversal Vulnerability — Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that coul

View incident → Original disclosure Indexed 2 weeks, 5 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Access Control Vulnerability — Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to

View incident → Original disclosure Indexed 2 weeks, 5 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Input Validation Vulnerability — Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injectio

View incident → Original disclosure Indexed 2 weeks, 5 days ago