Live disclosure tracker · updated continuously

Recent Data Breach Disclosures

Every confirmed data breach we've indexed across 78098+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.

98B+
Records Exposed
78098
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

Latest Disclosures

high · tech · Apr 16, 2026

Apache ActiveMQ

Apache ActiveMQ Improper Input Validation Vulnerability — Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.

critical · education · Apr 16, 2026

McGraw Hill

13,500,136 records exposed — Email addresses, Names, Phone numbers, Physical addresses

View incident → Indexed 3 months ago
high · tech · Apr 14, 2026

Microsoft SharePoint Server

Microsoft SharePoint Server Improper Input Validation Vulnerability — Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a networ

high · tech · Apr 14, 2026

Microsoft Office

Microsoft Office Remote Code Execution — Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially craft

high · tech · Apr 13, 2026

Fortinet FortiClient EMS

Fortinet FortiClient EMS SQL Injection Vulnerability — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically

high · tech · Apr 13, 2026

Microsoft Windows

Microsoft Windows Out-of-Bounds Read Vulnerability — Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

critical · tech · Apr 13, 2026

Microsoft Exchange Server

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability — Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution. —

high · retail · Apr 12, 2026

Hallmark

1,736,520 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 1 more

View incident → Indexed 3 months ago
medium · tech · Apr 8, 2026

My Lovely AI

106,271 records exposed — Email addresses, Social media profiles

View incident → Indexed 3 months, 1 week ago
high · tech · Apr 6, 2026

Fortinet FortiClient EMS

Fortinet FortiClient EMS Improper Access Control Vulnerability — Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or comma

View incident → Original disclosure Indexed 3 months, 1 week ago
high · tech · Apr 4, 2026

SongTrivia2

291,739 records exposed — Auth tokens, Avatars, Email addresses, Names and 2 more

View incident → Indexed 3 months, 1 week ago
high · tech · Apr 2, 2026

TrueConf Client

TrueConf Client Download of Code Without Integrity Check Vulnerability — TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path ca

View incident → Original disclosure Indexed 3 months, 2 weeks ago
high · tech · Apr 1, 2026

Google Dawn

Google Dawn Use-After-Free Vulnerability — Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML pag

View incident → Original disclosure Indexed 3 months, 2 weeks ago
medium · government · Mar 31, 2026

Cuties AI

144,250 records exposed — Avatars, Display names, Email addresses

View incident → Indexed 3 months, 2 weeks ago
high · tech · Mar 30, 2026

Citrix NetScaler

Citrix NetScaler Out-of-Bounds Read Vulnerability — Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability wh

View incident → Original disclosure Indexed 3 months, 2 weeks ago
high · tech · Mar 27, 2026

F5 BIG-IP

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability — F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.

View incident → Original disclosure Indexed 3 months, 2 weeks ago