Government Data Breaches — Federal, State & Municipal Disclosures

Government Data Breaches (619 indexed)

high · government · Mar 20, 2026

Government of Alberta

920K citizen records from provincial MyAlberta Digital ID system exposed

View incident → Original disclosure Indexed 2 months ago

high · government · Mar 18, 2026

City of Toronto

890K resident records from municipal services portal exposed in CL0P supply chain attack

View incident → Original disclosure Indexed 2 months, 1 week ago

high · government · Mar 16, 2026

Canada Post

950K address and package tracking records exposed via third-party logistics vendor breach

View incident → Original disclosure Indexed 2 months, 1 week ago

medium · government · Mar 15, 2026

Divine Skins

105,814 records exposed — Email addresses, Purchases, Usernames

View incident → Original disclosure Indexed 2 months, 1 week ago

critical · government · Mar 11, 2026

France

French small and medium businesses remained the organizations most targeted by ransomware in 2025

View incident → Original disclosure Indexed 2 months, 2 weeks ago

high · government · Mar 1, 2026

IRCC Canada (Immigration)

420K immigration applicant records accessed via compromised case management portal

View incident → Original disclosure Indexed 2 months, 3 weeks ago

critical · government · Feb 25, 2026

State of California (DMV Vendor)

2.4M drivers license records exposed via compromised address verification contractor

View incident → Original disclosure Indexed 3 months ago

high · government · Feb 23, 2026

Raytheon Technologies

430K defense contractor employee records and clearance data compromised via vendor

View incident → Original disclosure Indexed 3 months ago

high · government · Feb 20, 2026

Province of Quebec (Revenu)

670K taxpayer records exposed via compromised e-filing integration at provincial revenue agency

View incident → Original disclosure Indexed 3 months ago

high · government · Feb 20, 2026

VIQ Solutions (Canada)

Sensitive court transcripts compromised after Indian subcontractor breach — ignored warnings

View incident → Original disclosure Indexed 3 months ago

high · government · Feb 19, 2026

Hydro-Quebec (Canada)

640K customer billing records exposed via compromised metering data system

View incident → Original disclosure Indexed 3 months, 1 week ago

critical · government · Feb 15, 2026

IRS (Tax Vendor Breach)

1.8M taxpayer records exposed via compromised e-filing software vendor

View incident → Original disclosure Indexed 3 months, 1 week ago

critical · government · Feb 14, 2026

Province of British Columbia

1.4M citizen records from provincial health and education systems compromised

View incident → Original disclosure Indexed 3 months, 1 week ago

critical · government · Feb 13, 2026

Lockheed Martin (Subcontractor)

Defense subcontractor breach exposes classified program metadata and personnel clearance records

View incident → Original disclosure Indexed 3 months, 1 week ago

critical · government · Feb 12, 2026

State of Ohio Unemployment System

890K unemployment claimant records exposed via compromised benefits administration portal

View incident → Original disclosure Indexed 3 months, 2 weeks ago

high · government · Feb 10, 2026

SaskPower (Canada)

340K customer utility records exposed via compromised billing system vendor

View incident → Original disclosure Indexed 3 months, 2 weeks ago

high · government · Feb 9, 2026

Thales Group (France)

340K defense and aerospace employee records exposed via LockBit 3.0 ransomware

View incident → Original disclosure Indexed 3 months, 2 weeks ago

critical · government · Feb 8, 2026

ATO Australia (Tax)

1.1M taxpayer records exposed via zero-day in myGov authentication system

View incident → Original disclosure Indexed 3 months, 2 weeks ago

high · government · Feb 1, 2026

City of Nashville

450K resident records compromised in vendor breach

View incident → Original disclosure Indexed 3 months, 3 weeks ago

critical · government · Feb 1, 2026

DISA Global Solutions

3.3M employee records — background screening provider

View incident → Indexed 3 months, 3 weeks ago

critical · government · Jan 29, 2026

Province of Ontario (ServiceOntario)

2.1M citizen records from drivers license and health card renewal system compromised

View incident → Original disclosure Indexed 3 months, 3 weeks ago

critical · government · Jan 25, 2026

US Department of Veterans Affairs

1.9M veteran health records exposed via compromised community care referral system

View incident → Original disclosure Indexed 4 months ago

high · government · Jan 20, 2026

US Census Bureau

680K household survey response records exposed via misconfigured data sharing portal

View incident → Original disclosure Indexed 4 months ago

critical · government · Jan 20, 2026

US Postal Service

2.3M package tracking records and sender data exposed via compromised Informed Delivery API

View incident → Original disclosure Indexed 4 months ago