Substack Confirms Data Breach, "Limited
Substack did not specify the number of users affected by the data breach
2026 Data Breaches Year-to-Date (664 indexed)
Allen & Overy
290K client records exposed in LockBit ransomware attack
Betterment
1,435,174 records exposed — Dates of birth, Device information, Email addresses, Employers and 5 more
National Taiwan University
210K student records exposed
Baker McKenzie
120K client records from 47 offices worldwide exposed via compromised email gateway
Lonza Group (Switzerland)
280K pharmaceutical manufacturing records exposed
Nutrien (Saskatchewan)
670K agricultural customer records stolen
SmarterTools SmarterMail
SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability — SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This co
React Native Community CLI
React Native Community CLI OS Command Injection Vulnerability — React Native Community CLI contains an OS command injection vulnerability which could allow unauthenticated network attackers to send POST requests to the M
Weil Gotshal & Manges
280K restructuring records stolen
Confluent
180K streaming platform records exposed
LPL Financial
780K advisor and client records exposed
Discovery Health (South Africa)
560K medical records compromised
AGL Energy
450K customer records exposed in targeted attack
Equinor (Norway)
780K employee and operations records compromised
Generali Group
890K insurance records stolen in targeted attack
Zara (Inditex)
890K customer records stolen
Kinaxis (Ottawa)
210K enterprise supply chain records exposed
Swiss Re (Insurance)
340K reinsurance policyholder records from global operations exposed in targeted attack
Couche-Tard (Circle K Canada)
1.2M customer payment records exposed in POS breach
Capital One (2025)
3.2M credit card applicant records exposed via new cloud misconfiguration — second incident
Home Depot (2026)
3.2M customer records exposed via SaaS vendor breach affecting loyalty program data
Indian Council of Medical Research
81M citizen health records from Aadhaar-linked database exposed via API vulnerability
SolarWinds Web Help Desk
SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability — SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow a