Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 75748+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
75748
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

Latest Disclosures

high · tech · Jun 29, 2026

SimpleHelp SimpleHelp

SimpleHelp Authentication Bypass Vulnerability — SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login

View incident → Original disclosure Indexed 2 weeks, 3 days ago
high · retail · Jun 28, 2026

Sysco

2,691,852 records exposed — Customer feedback, Email addresses, Employers, Job titles and 4 more

View incident → Indexed 2 weeks, 4 days ago
medium · tech · Jun 26, 2026

American Tower

216,601 records exposed — Email addresses, Job titles, Names, Phone numbers and 1 more

View incident → Indexed 2 weeks, 6 days ago
high · tech · Jun 25, 2026

PTC Windchill and FlexPLM

PTC Windchill and FlexPLM Improper Input Validation Vulnerability — PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by

high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Access Control Vulnerability — Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Path Traversal Vulnerability — Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that coul

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Input Validation Vulnerability — Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injectio

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 23, 2026

Lantronix EDS5000

Lantronix EDS5000 Code Injection Vulnerability — Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are exe

View incident → Original disclosure Indexed 3 weeks, 2 days ago
medium · education · Jun 20, 2026

JCPenney

368,418 records exposed — Dates of birth, Email addresses, Government issued IDs, Job titles and 4 more

View incident → Indexed 3 weeks, 5 days ago
high · tech · Jun 18, 2026

Splunk Enterprise

Splunk Enterprise Missing Authentication for Critical Function Vulnerability — Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create o

medium · retail · Jun 18, 2026

Ralph Lauren

139,903 records exposed — Age groups, Email addresses, Genders, Names and 1 more

View incident → Indexed 4 weeks ago
medium · finance · Jun 18, 2026

CFGI

248,235 records exposed — Email addresses, Employers, Job titles, Names and 2 more

View incident → Indexed 4 weeks ago
high · tech · Jun 15, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability — Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a

high · tech · Jun 15, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access

medium · government · Jun 15, 2026

Berkadia

305,216 records exposed — Email addresses, Employers, Names, Phone numbers and 1 more

View incident → Indexed 1 month ago
medium · education · Jun 15, 2026

Infinite Campus

137,123 records exposed — Email addresses, Employers, Job titles, Names and 4 more

View incident → Indexed 1 month ago