2026 Data Breaches Year-to-Date (984 indexed)
NYC Health Hospitals
1.8M records including biometrics and SSNs stolen
One Medical Seniors
8.8TB clinical records exfiltrated by ShinyHunters
Chisholm Persson Ball
Legal files exfiltrated in Akira ransomware attack
DHS Homeland Security Network
Sensitive intel platform breached in ongoing attack
NAIC Insurance Regulators
3.1TB stolen from all 50 state insurance departments
Chemco Calgary
Ransomware attack by Qilin, scope under investigation
KDDI Corporation
14.2M email credentials exposed across 6 ISPs
NYC Health Hospitals
1.8M records stolen including biometrics
A financially motivated operation uses lures of cracked or pirated software to deliver a
A financially motivated operation uses lures of cracked or pirated software to deliver a malware two-for-one combo for data theft and cryptomining.
GitHub continues to be a scintillating target for attackers because it sits in the
GitHub continues to be a scintillating target for attackers because it sits in the middle of the software supply chain and gives threat actors three things they crave: source code, secrets, and automated pipelines to run
Telco giant KDDI
Japanese telecommunications giant KDDI says that millions of people had their email addresses and passwords exposed after attackers breached an email platform used by five internet service providers (ISPs) in the country
The professional services giant
The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact. The post Accenture Confirms Data Breach After Hacker Claims Source Code Th
For years, account takeover (ATO) followed a predictable script. Attackers bought stolen
For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, scalable, and for def
Tchap French Gov Messenger
73K government accounts and 643K messages stolen
KDDI Japan
14.2M email credentials exposed across six ISPs
Chemco Calgary
Qilin ransomware hit Canadian energy manufacturer