Recent Data Breaches — Live Disclosure Tracker

Latest Disclosures

high · tech · Sep 10, 2024

Wipro IT Services (India)

1.8M records from 12 client organizations exposed via compromised service desk accounts

View incident → Original disclosure Indexed 1 year, 7 months ago

high · government · Sep 9, 2024

City of Independence MO

Ransomware encrypted city government systems

View incident → Original disclosure Indexed 1 year, 7 months ago

high · government · Sep 8, 2024

Virginia State Corporation Commission

560K business entity records exposed via SQL injection on public filing search

View incident → Original disclosure Indexed 1 year, 7 months ago

high · education · Sep 8, 2024

Jefferson County Schools (Alabama)

96K student records exposed after ransomware attack — grades and discipline records leaked

View incident → Original disclosure Indexed 1 year, 7 months ago

high · education · Sep 8, 2024

Highline Public Schools (WA)

Ransomware forced school district to cancel classes for 17,500 students

View incident → Original disclosure Indexed 1 year, 7 months ago

high · retail · Sep 8, 2024

Aritzia Fashion (Canada)

420K customer records exposed via compromised e-commerce platform — payment data included

View incident → Original disclosure Indexed 1 year, 7 months ago

critical · retail · Sep 6, 2024

Boulanger (France)

27M customer records stolen from French electronics retailer

View incident → Original disclosure Indexed 1 year, 8 months ago

high · tech · Sep 5, 2024

Notion

450K workspace documents exposed via misconfigured sharing

View incident → Original disclosure Indexed 1 year, 8 months ago

high · finance · Sep 5, 2024

Citizens Financial Group

670K customer records stolen in credential harvesting

View incident → Original disclosure Indexed 1 year, 8 months ago

high · other · Sep 5, 2024

Commonwealth Bank of Australia

750K customer records exposed via downstream vendor processing error — CBA data re-exposed

View incident → Original disclosure Indexed 1 year, 8 months ago

medium · tech · Sep 5, 2024

Change.org Petition Platform

3.2M user email addresses and petition signing history exposed via API misconfiguration

View incident → Original disclosure Indexed 1 year, 8 months ago

medium · tech · Sep 5, 2024

Sumsub

86K identity verification records exposed in security vendor breach

View incident → Original disclosure Indexed 1 year, 8 months ago

high · education · Sep 5, 2024

McGill University (Quebec)

180K student and research records compromised via phishing campaign targeting faculty email

View incident → Original disclosure Indexed 1 year, 8 months ago

critical · healthcare · Sep 5, 2024

UCLA Health

1.1M patient records exposed in credential harvesting

View incident → Original disclosure Indexed 1 year, 8 months ago

high · other · Sep 5, 2024

Mahindra & Mahindra

450K employee and manufacturing records exposed

View incident → Original disclosure Indexed 1 year, 8 months ago

high · tech · Sep 5, 2024

Sony Group (Japan)

890K employee and contractor records stolen

View incident → Original disclosure Indexed 1 year, 8 months ago

high · other · Sep 5, 2024

BMW Group

780K customer and vehicle records stolen in targeted intrusion

View incident → Original disclosure Indexed 1 year, 8 months ago

medium · government · Sep 5, 2024

Welsh Government Digital Services

180K citizen records stolen in targeted attack

View incident → Original disclosure Indexed 1 year, 8 months ago

high · tech · Sep 5, 2024

BlackBerry QNX

340K automotive client records compromised in supply chain attack

View incident → Original disclosure Indexed 1 year, 8 months ago

medium · other · Sep 5, 2024

NB Power (New Brunswick)

180K customer records exposed via misconfigured portal

View incident → Original disclosure Indexed 1 year, 8 months ago

high · healthcare · Sep 5, 2024

Novartis

890K clinical trial records stolen

View incident → Original disclosure Indexed 1 year, 8 months ago

medium · healthcare · Sep 5, 2024

Humber River Health (Toronto)

180K patient records exposed via vendor platform

View incident → Original disclosure Indexed 1 year, 8 months ago

high · tech · Sep 4, 2024

SFR Telecom (France)

3.6M customer records listed for sale — names, IBANs, phone numbers, addresses

View incident → Original disclosure Indexed 1 year, 8 months ago

critical · government · Sep 3, 2024

Michigan Department of Health

2.6M Medicaid patient records exposed via compromised eligibility verification system

View incident → Original disclosure Indexed 1 year, 8 months ago

Recent Data Breach Disclosures

Latest Disclosures