Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
997
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

2026 Data Breaches Year-to-Date (997 indexed)

medium · finance · May 27, 2026

Mytheresa

84,108 records exposed — Email addresses, Names, Partial credit card data, Phone numbers and 3 more

View incident → Indexed 1 month, 2 weeks ago
critical · tech · May 27, 2026

Nx Nx Console

Nx Console Embedded Malicious Code Vulnerability — Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfusca

View incident → Original disclosure Indexed 1 month, 2 weeks ago
critical · tech · May 27, 2026

TanStack TanStack

TanStack Unspecified Vulnerability — TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a truste

View incident → Original disclosure Indexed 1 month, 2 weeks ago
high · tech · May 26, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin Privilege Escalation Vulnerability — LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user acco

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · finance · May 26, 2026

Ameriprise

502,597 records exposed — Email addresses, Employers, Financial transactions, Job titles and 3 more

View incident → Indexed 1 month, 3 weeks ago
medium · government · May 24, 2026

7-Eleven

185,256 records exposed — Dates of birth, Email addresses, Names, Phone numbers and 1 more

View incident → Indexed 1 month, 3 weeks ago
high · tech · May 22, 2026

Drupal Core

Drupal Core SQL Injection Vulnerability — Drupal Core contains a SQL injection vulnerability that could allow for privilege escalation and remote code execution via specially crafted requests sent with the database abstr

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 21, 2026

Trend Micro Apex One

Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability — Trend Micro Apex One (on-premise) contains a directory traversal vulnerability that could allow a pre-authenticated local attacker to modify a key tab

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 21, 2026

Langflow Langflow

Langflow Origin Validation Error Vulnerability — Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=Non

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 21, 2026

Dragonica Lunaris

126,293 records exposed — Dates of birth, Email addresses, Names, Passwords and 2 more

View incident → Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft DirectX

Microsoft DirectX NULL Byte Overwrite Vulnerability — Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Internet Explorer

Microsoft Internet Explorer Use-After-Free Vulnerability — Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associate

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Defender

Microsoft Defender Link Following Vulnerability — Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Adobe Acrobat and Reader

Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability — Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted P

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Internet Explorer

Microsoft Internet Explorer Use-After-Free Vulnerability — Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Windows

Microsoft Windows Buffer Overflow Vulnerability — Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request

View incident → Original disclosure Indexed 1 month, 3 weeks ago