Data Breach Tracker: US Company Security Incidents
113
June 2026
Security & Stability
Confirmed data breaches and cyber security incidents reported by US companies each month, sourced from SEC 8-K filings, state attorney general breach notifications, cybersecurity news, and company disclosures. Each record covers the affected organisation, number of records exposed, data types compromised (personal information, financial data, health records), Incident Type where disclosed, and notification date. Only events confirmed by at least one authoritative source are included.
Data breach or security incident exposing customer or user records reported at a company in the US
CISOs and security teams use it to benchmark incident frequency by sector and identify systemic attack patterns across industries. Cyber insurance underwriters use it to assess risk exposure and loss trends. Legal and compliance teams track breach notification timelines and regulatory responses. Journalists and researchers covering cybersecurity use it as a structured, sourced record of confirmed incidents.
477
<table class="catchall-table"><thead><tr><th style="min-width:40px">#</th><th style="min-width:280px">Event</th><th style="min-width:160px">Attack Vector</th><th style="min-width:160px">Records Exposed</th><th style="min-width:160px">Affected Company</th><th style="min-width:160px">Data Types Exposed</th><th style="min-width:160px">Incident Date</th><th style="min-width:160px">Incident Type</th><th style="min-width:160px">Location</th></tr></thead><tbody><tr><td style="min-width:40px">1</td><td style="min-width:280px">Prince George County Cyberattack and Data Breach</td><td style="min-width:160px">cyberattack</td><td style="min-width:160px">-1</td><td style="min-width:160px">Prince George County</td><td style="min-width:160px">personal data, Social Security</td><td style="min-width:160px">2026-06-11</td><td style="min-width:160px">data_breach</td><td style="min-width:160px">Prince George, Va.</td></tr><tr><td style="min-width:40px">2</td><td style="min-width:280px">Fluke Corp. Data Breach and Lawsuit</td><td style="min-width:160px">vulnerability exploit, ransomware</td><td style="min-width:160px">18,517</td><td style="min-width:160px">Fluke Corp.</td><td style="min-width:160px">names, Social Security numbers, birth dates, disability self-identification data</td><td style="min-width:160px">2025-09-29</td><td style="min-width:160px">data_breach</td><td style="min-width:160px">Everett</td></tr><tr><td style="min-width:40px">3</td><td style="min-width:280px">Cushman & Wakefield Data Breach and Lawsuit Dismissal</td><td style="min-width:160px">voice phishing, extortion, hacker groups ShinyHunters and Qilin</td><td style="min-width:160px">500,000</td><td style="min-width:160px">Cushman & Wakefield</td><td style="min-width:160px">mail addresses, job titles, names, phone numbers, physical addresses, Social Security numbers, dates of birth, financial information</td><td style="min-width:160px">2026-05-01</td><td style="min-width:160px">data_breach</td><td style="min-width:160px">Chicago</td></tr><tr><td style="min-width:40px">4</td><td style="min-width:280px">Former Florida Probation Officer Leaked Police Raid Info</td><td style="min-width:160px">unrevoked credentials</td><td style="min-width:160px">113</td><td style="min-width:160px">Florida Department of Juvenile Justice</td><td style="min-width:160px">active arrest warrants, co-defendant information, confidential law enforcement information</td><td style="min-width:160px">2026-06-18</td><td style="min-width:160px">insider_threat</td><td style="min-width:160px">Orange County, Florida</td></tr><tr><td style="min-width:40px">5</td><td style="min-width:280px">Oracle Health Data Breach Lawsuits</td><td style="min-width:160px">system_intrusion</td><td style="min-width:160px">1</td><td style="min-width:160px">Oracle Health</td><td style="min-width:160px">Social Security numbers, personal and health information</td><td style="min-width:160px">2025-01-01</td><td style="min-width:160px">data_breach</td><td style="min-width:160px">Kansas City, Mo.</td></tr><tr class="catchall-blurred"><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td></tr><tr class="catchall-blurred"><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td></tr><tr class="catchall-blurred"><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td></tr></tbody></table>
<h3>What is the difference between this and Have I Been Pwned?</h3><p>Have I Been Pwned focuses on individual credential exposure. This tracker covers corporate breach events – affected company, breach scope, attack type, and regulatory notification – making it suited to enterprise risk monitoring rather than personal account checks.</p><h3>Are healthcare and financial sector breaches included?</h3><p>Yes. HIPAA-covered healthcare breaches appear via HHS breach portal notifications; financial institution incidents come from SEC filings and sector-specific reporting.</p><h3>How does CatchAll validate a breach before including it?</h3><p>Inclusion requires at least one authoritative source – a regulatory filing, company press release, or official notification. Unconfirmed reports from security researchers or forums are excluded.</p><h3>What is the refresh rate of this dataset?</h3><p>We rerun this dataset once a month. You can create your own dataset that updates as frequently as every one hour on <a href="https://platform.newscatcherapi.com/catchall">platform.newscatcherapi.com/catchall</a></p>