Vibe-Coded Moltbook Exposes User Data,
Wiz Security claims Moltbook misconfiguration allowed full read and write access
2026 Data Breaches Year-to-Date (664 indexed)
ServiceNow
1.7M ITSM records from enterprise customers exposed via zero-day in Washington DC instance
Toyota Motor (Global)
2.15M customer records from connected vehicle services exposed via misconfigured cloud database
Sangoma FreePBX
Sangoma FreePBX OS Command Injection Vulnerability — Sangoma FreePBX Endpoint Manager contains an OS command injection vulnerability that could allow for a post-authentication command injection by an authenticated known
GitLab Community and Enterprise Editions
GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability — GitLab Community and Enterprise Editions contain a server-side request forgery vulnerability which could allow unauthorized exte
Sangoma FreePBX
Sangoma FreePBX Improper Authentication Vulnerability — Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services
DISA Global Solutions
3.3M employee records — background screening provider
View incident → Indexed 3 months ago
City of Nashville
450K resident records compromised in vendor breach
Baptist Health (Florida)
340K patient records compromised
Japan Post Holdings
1.5M postal banking records exposed
Horizon Health (New Brunswick)
290K patient records stolen
Block Inc (Square)
1.4M merchant records compromised in insider incident
Atrium Health (2026)
1.8M patient records exposed in supply chain attack
Infosys (India)
6.5M client records from BPO division exposed via compromised McCamish Systems subsidiary
Singtel (Singapore)
1.8M customer records exfiltrated from subsidiary Optus-linked systems via shared infrastructure
Panera Bread
5,112,502 records exposed — Email addresses, Names, Phone numbers, Physical addresses
Cigna Group
1.4M member pharmacy and benefits records accessed via compromised business associate
Rio Tinto (Mining)
210K employee records and joint venture data compromised via compromised collaboration platform
Ivanti Endpoint Manager Mobile (EPMM)
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code executi
Johnson & Johnson
620K patient medical device registration records exposed via compromised portal
Province of Ontario (ServiceOntario)
2.1M citizen records from drivers license and health card renewal system compromised
Deutsche Bank
1.8M customer records from private banking division exposed via compromised document management
Target Corporation (2026)
890K customer credit applications and RedCard data exposed via compromised credit processor
Woolworths Group (Australia)
860K Everyday Rewards member records exposed via supply chain software vulnerability