Data Breach Tracker: US Security Incidents – May 2026
133
April–May 2026
Security & Stability
US data breaches and cybersecurity incidents across healthcare systems, financial institutions, government agencies, schools, and consumer companies.
Data breach or security incident exposing customer or user records reported at a company in the US in the past month
CatchAll web intelligence query aggregating news sources for US data breaches and security incidents exposing customer or user records.
14914
<div style="overflow-x:auto;width:100%"><table class="catchall-table"><thead><tr><th style="min-width:40px">#</th><th style="min-width:200px">Company</th><th style="min-width:140px;white-space:nowrap">Breach Type</th><th style="min-width:120px;white-space:nowrap">Records Exposed</th><th style="min-width:320px">Data Categories Exposed</th><th style="min-width:120px;white-space:nowrap">Date</th><th style="min-width:120px;white-space:nowrap">Source</th></tr></thead><tbody><tr><td>1</td><td style="min-width:200px">Kent District Library</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">181,000</td><td style="min-width:320px">addresses, phone numbers, license</td><td style="min-width:120px">2026-04-24</td><td style="white-space:nowrap"><a href="https://www.wzzm13.com/article/news/local/no-answers-as-cherry-health-kdl-tech-outages-drag-on-for-days/69-a56c285a-6b90-4f75-b6e1-fdf10e7a1036" target="_blank" rel="nofollow">wzzm13.com</a></td></tr><tr><td>2</td><td style="min-width:200px">Medtronic</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">personal information</td><td style="min-width:120px">2026-04-24</td><td style="white-space:nowrap"><a href="https://www.morningstar.com/news/dow-jones/202604272898/medtronic-says-some-it-systems-accessed-in-cyber-breach" target="_blank" rel="nofollow">morningstar.com</a></td></tr><tr><td>3</td><td style="min-width:200px">Interim Healthcare of West Texas</td><td style="min-width:140px">—</td><td style="min-width:120px">3,047</td><td style="min-width:320px">Names of individuals, Addresses, Medical information, Health insurance information, Dates of birth</td><td style="min-width:120px">2026-04-24</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/interim-healthcare-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>4</td><td style="min-width:200px">Pine Bluff School District</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-04-26</td><td style="white-space:nowrap"><a href="https://katv.com/community/good-morning-arkansas/replace-your-windshield-with-gwatney-collision-center" target="_blank" rel="nofollow">katv.com</a></td></tr><tr><td>5</td><td style="min-width:200px">ADT</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">customer data</td><td style="min-width:120px">2026-04-27</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/adt-data-breach-toronto-sms-blasting-pre-stuxnet-malware-discovery" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>6</td><td style="min-width:200px">Navigate360</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">personally identifiable information, names</td><td style="min-width:120px">2026-04-27</td><td style="white-space:nowrap"><a href="https://ground.news/article/the-blueleaks-20-breach-will-there-be-any-accountability-senators-start-with-transparency" target="_blank" rel="nofollow">ground.news</a></td></tr><tr><td>7</td><td style="min-width:200px">Intrado</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">sensitive system files, emergency logs</td><td style="min-width:120px">2026-04-27</td><td style="white-space:nowrap"><a href="https://securityonline.info/intrado-911-emergency-gateway-vulnerability-cve-2026-6074" target="_blank" rel="nofollow">securityonline.info</a></td></tr><tr><td>8</td><td style="min-width:200px">Green Imaging LLC</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">5,016</td><td style="min-width:320px">Names, Addresses, Social Security numbers, Driver's license numbers, Other government-issued identification numbers, Dates of birth, Clinical/treatment information, Diagnosis/condition information,...</td><td style="min-width:120px">2026-04-27</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/green-imaging-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>9</td><td style="min-width:200px">Legend Senior Living</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">5,006</td><td style="min-width:320px">home addresses, email addresses, Social Security numbers, driver's license numbers, medical information, payment methods</td><td style="min-width:120px">2026-04-27</td><td style="white-space:nowrap"><a href="https://www.mcknightsseniorliving.com/news/legend-winward-ransomware-attacks" target="_blank" rel="nofollow">mcknightsseniorliving.com</a></td></tr><tr><td>10</td><td style="min-width:200px">LinkedIn</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0B</td><td style="min-width:320px">religious beliefs, political opinions, disabilities, job-seeking activity, local IP address, connected devices, number of CPU cores, device RAM, canvas fingerprint, WebGL fingerprint, AudioContext ...</td><td style="min-width:120px">2026-04-27</td><td style="white-space:nowrap"><a href="https://securityaffairs.com/191383/security/linkedin-browsergate.html" target="_blank" rel="nofollow">securityaffairs.com</a></td></tr><tr><td>11</td><td style="min-width:200px">Murray's Cheese</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">names, Social Security numbers, dates of birth, health insurance plan enrollment information, health insurance member numbers, driver's license numbers, state-issued identification card numbers, pa...</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://www.isssource.com/cheese-makers-worker-health-plan-info-stolen" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>12</td><td style="min-width:200px">Checkmarx</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">GitHub data</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/phantomrpc-flaw-checkmarx-github-dark-web-data-pypi-package-infostealer" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>13</td><td style="min-width:200px">Cursor</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">session tokens, API keys</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://hive.blog/hive-196387/@scipio/learn-ethical-hacking-27-bug-bounty-hunting-getting-paid-to-hack-the-web" target="_blank" rel="nofollow">hive.blog</a></td></tr><tr><td>14</td><td style="min-width:200px">Pennsylvania Department of Human Services</td><td style="min-width:140px">Insider Threat</td><td style="min-width:120px">—</td><td style="min-width:320px">names, dates of birth, Social Security numbers</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://www.wkbn.com/news/pennsylvania/former-pa-benefits-worker-charged-in-snap-fraud" target="_blank" rel="nofollow">wkbn.com</a></td></tr><tr><td>15</td><td style="min-width:200px">U.S. Department of Justice</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">100</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://www.newsdirectory3.com/epstein-survivors-sue-doj-over-leaked-personal-data-breach" target="_blank" rel="nofollow">newsdirectory3.com</a></td></tr><tr><td>16</td><td style="min-width:200px">Sallie Mae</td><td style="min-width:140px">—</td><td style="min-width:120px">—</td><td style="min-width:320px">names, phone numbers, email addresses, age, race, gender, education records, geolocation data, financial need indicators, personal info on minors</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://rocketnews.com/2026/04/founder-of-shark-tank-backed-startup-scholly-sues-his-acquirer-sallie-mae" target="_blank" rel="nofollow">rocketnews.com</a></td></tr><tr><td>17</td><td style="min-width:200px">Sagent Pharmaceuticals</td><td style="min-width:140px">—</td><td style="min-width:120px">—</td><td style="min-width:320px">full name, Social Security number, driver's license number or state identification number, bank account information, health insurance policy information</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://www.isssource.com/pharmaceutical-firm-suffers-cyberattack" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>18</td><td style="min-width:200px">cPanel</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/hackers-are-still-exploiting-the-cpanel-bug-to-gain-control-of-thousands-of-websites" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>19</td><td style="min-width:200px">Zetachain</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-04-28</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/04/28/Zetachain_Pauses_Mainnet_After_GatewayZEVM_Contract_Exploit_" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>20</td><td style="min-width:200px">Polymarket</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">300,000</td><td style="min-width:320px">names, pseudonyms, wallet addresses, bio, profile image, proxy wallet, base address, internal user IDs, ETH addresses</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.bitget.com/en/amp/news/detail/12560605390567" target="_blank" rel="nofollow">bitget.com</a></td></tr><tr><td>21</td><td style="min-width:200px">illumifin Corporation</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">97,781</td><td style="min-width:320px">names, Home Address, Social Security Number, Insurance Policy Information, Underwriting and Claims Data, Health Insurance Information, Medical Record Information, Financial Account Numbers</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.globenewswire.com/news-release/2026/04/29/3284169/0/en/illumifin-corporation-data-breach-claims-investigated-by-lynch-carpenter.html" target="_blank" rel="nofollow">globenewswire.com</a></td></tr><tr><td>22</td><td style="min-width:200px">Vimeo</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">technical data, video titles, metadata, customer email addresses</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://securityaffairs.com/191448/security/shinyhunters-exploit-anodot-incident-to-target-vimeo.html" target="_blank" rel="nofollow">securityaffairs.com</a></td></tr><tr><td>23</td><td style="min-width:200px">Columbia Surgical Partners</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">medical records</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.wsmv.com:443/2026/04/30/patient-medical-records-compromised-by-cyberattack-columbia-surgical-clinic" target="_blank" rel="nofollow">wsmv.com</a></td></tr><tr><td>24</td><td style="min-width:200px">Instructure</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">8,800</td><td style="min-width:320px">names, school email addresses, classroom assignments, messages</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://hhjonline.com/canvas-security-breach-concerns-raised-at-board-of-education-meeting" target="_blank" rel="nofollow">hhjonline.com</a></td></tr><tr><td>25</td><td style="min-width:200px">Netflix</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">username, password</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://ground.news/article/what-happened-to-my-netflix-account" target="_blank" rel="nofollow">ground.news</a></td></tr><tr><td>26</td><td style="min-width:200px">Instructure</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">275.0M</td><td style="min-width:320px">names, email addresses, private conversations, usernames, course names, enrollment information, messages, passwords, Social Security numbers, account information</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://us.headtopics.com/news/maker-of-canvas-learning-platform-strikes-deal-for-hackers-83286781" target="_blank" rel="nofollow">us.headtopics.com</a></td></tr><tr><td>27</td><td style="min-width:200px">LiteLLM</td><td style="min-width:140px">Sql Injection</td><td style="min-width:120px">—</td><td style="min-width:320px">API keys, cloud credentials</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://ground.news/article/litellm-bug-exposes-api-keys-and-credentials" target="_blank" rel="nofollow">ground.news</a></td></tr><tr><td>28</td><td style="min-width:200px">Bayou Title</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">70,000</td><td style="min-width:320px">Social Security numbers, names, addresses, bank account information, pay rates, tax withholding details, direct deposit information</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.classaction.org/data-breach-lawsuits/bayou-title-april-2026" target="_blank" rel="nofollow">classaction.org</a></td></tr><tr><td>29</td><td style="min-width:200px">Kemper Corp.</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">13.0M</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.law360.com/insurance/articles/2471497" target="_blank" rel="nofollow">law360.com</a></td></tr><tr><td>30</td><td style="min-width:200px">Lamb-Star</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.isssource.com/engineering-firm-suffers-cyberattack" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>31</td><td style="min-width:200px">Pathfinder LL&amp;D Insurance Group</td><td style="min-width:140px">—</td><td style="min-width:120px">7,382</td><td style="min-width:320px">Names, Addresses, Social Security numbers, Driver's license numbers, Financial information, Medical information, Health insurance information, Dates of birth</td><td style="min-width:120px">2026-04-29</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/pathfinder-insurance-group-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>32</td><td style="min-width:200px">Liberty Mutual</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">15,630</td><td style="min-width:320px">names, date of birth, Social Security number, financial information, health insurance information, addresses, contact information, health records, insurance details</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://dothaneagle.com/news/state-regional/alabama/article_05e23644-9c22-598f-a2cc-0f877c906a64.html" target="_blank" rel="nofollow">dothaneagle.com</a></td></tr><tr><td>33</td><td style="min-width:200px">Express</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">12</td><td style="min-width:320px">customer names, emails, telephone numbers, shipping details, partial payment data, phone number, billing and delivery locations, masked payment card information</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/retailer-secures-website-after-customer-data-leak-risk-identified" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>34</td><td style="min-width:200px">Riverside County Sheriff's Department</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">voters' personal information</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://www.nbcpalmsprings.com/2026/04/30/sensitive-voter-data-may-have-been-exposed-online-in-bianco-election-probe" target="_blank" rel="nofollow">nbcpalmsprings.com</a></td></tr><tr><td>35</td><td style="min-width:200px">Steel Warehouse Company LLC</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">439</td><td style="min-width:320px">Names, Address, Social Security Number Information, Driver's License number, Government-issued ID number, Date of Birth, State ID card, Financial Information</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/steel-warehouse-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>36</td><td style="min-width:200px">Practice by Numbers</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">10</td><td style="min-width:320px">medical histories, personal information, photo identification</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://www.newsy-today.com/dental-practice-software-maker-fixes-bug-that-exposed-patients-medical-records" target="_blank" rel="nofollow">newsy-today.com</a></td></tr><tr><td>37</td><td style="min-width:200px">Roblox</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">account information</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/roblox-hackers-arrested-microsoft-0-day-falls-short-dubai-scam-takedown" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>38</td><td style="min-width:200px">STELIA Aerospace North America</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">20</td><td style="min-width:320px">identity documents, employee benefit plan forms, technical drawings, customer names</td><td style="min-width:120px">2026-04-30</td><td style="white-space:nowrap"><a href="https://www.manufacturing.net/cybersecurity/news/22965829/airbus-subsidiary-victim-of-2m-ransomware-attack" target="_blank" rel="nofollow">manufacturing.net</a></td></tr><tr><td>39</td><td style="min-width:200px">Total System Services LLC</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">personal information</td><td style="min-width:120px">2026-05</td><td style="white-space:nowrap"><a href="https://www.law360.com/energy/articles/2478186" target="_blank" rel="nofollow">law360.com</a></td></tr><tr><td>40</td><td style="min-width:200px">NCH</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">names, Social Security numbers, dates of birth, benefits enrollment information, Taxpayer identification numbers, driver's license or state-issued identification card numbers, passport numbers, oth...</td><td style="min-width:120px">2026-05-01</td><td style="white-space:nowrap"><a href="https://www.isssource.com/cyberattack-at-chemical-product-maker" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>41</td><td style="min-width:200px">Michigan Medicine</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">551</td><td style="min-width:320px">medical records, Social Security numbers</td><td style="min-width:120px">2026-05-01</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/05/01/Sham_network_accessed_300000_medical_records_including_Michi" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>42</td><td style="min-width:200px">Instructure</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">2.5B</td><td style="min-width:320px">names, email addresses, student ID numbers, internal messages</td><td style="min-width:120px">2026-05-01</td><td style="white-space:nowrap"><a href="https://usa-today-news.com/news/canvas-hack-leads-u-of-i-to-postpone-finals-schools-to-scramble-without-popular-learning-tool" target="_blank" rel="nofollow">usa-today-news.com</a></td></tr><tr><td>43</td><td style="min-width:200px">Conduent</td><td style="min-width:140px">—</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-02</td><td style="white-space:nowrap"><a href="https://www.foxcharleston.com/diy-identity-protection-vs-paid-services-what-works-in-2026" target="_blank" rel="nofollow">foxcharleston.com</a></td></tr><tr><td>44</td><td style="min-width:200px">Pitney Bowes</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">personal information</td><td style="min-width:120px">2026-05-03</td><td style="white-space:nowrap"><a href="https://www.valueaddedresource.net/week-in-review-5-3-26" target="_blank" rel="nofollow">valueaddedresource.net</a></td></tr><tr><td>45</td><td style="min-width:200px">Advanced Diagnostic Imaging</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">patient medical records</td><td style="min-width:120px">2026-05-03</td><td style="white-space:nowrap"><a href="https://histalk2.com/2026/05/03/morning-headlines-5-4-26" target="_blank" rel="nofollow">histalk2.com</a></td></tr><tr><td>46</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">user information</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://au.lifehacker.com/entertainment/118474/the-out-of-touch-adults-guide-to-kid-culture-what-is-omoggle" target="_blank" rel="nofollow">au.lifehacker.com</a></td></tr><tr><td>47</td><td style="min-width:200px">ADT Inc.</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">customer and prospect data</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://stockstotrade.com/news/adt-inc-adt-news-2026_05_04-2" target="_blank" rel="nofollow">stockstotrade.com</a></td></tr><tr><td>48</td><td style="min-width:200px">Braintrust</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">API keys, secrets</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/braintrust-security-incident-raises-concerns-over-ai-supply-chain-risks" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>49</td><td style="min-width:200px">Instructure</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">2.0B</td><td style="min-width:320px">private messages</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://www.castanet.net/edition/news-story-613201-6-.htm" target="_blank" rel="nofollow">castanet.net</a></td></tr><tr><td>50</td><td style="min-width:200px">Patreon</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">user ID, subscription status</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://securityonline.info/cve-2026-42560-auth-library-patreon-identity-collision" target="_blank" rel="nofollow">securityonline.info</a></td></tr><tr><td>51</td><td style="min-width:200px">Booking.com</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">names, email addresses, phone numbers</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://viewfromthewing.com/hotel-scammers-now-know-your-reservation-details-demand-payment-through-zelle-paypal-or-venmo" target="_blank" rel="nofollow">viewfromthewing.com</a></td></tr><tr><td>52</td><td style="min-width:200px">West Pharmaceutical Services</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://www.bleepingcomputer.com/news/security/west-pharmaceutical-says-hackers-stole-data-encrypted-systems" target="_blank" rel="nofollow">bleepingcomputer.com</a></td></tr><tr><td>53</td><td style="min-width:200px">Kochava</td><td style="min-width:140px">—</td><td style="min-width:120px">125.0M</td><td style="min-width:320px">precise location data, geolocation data, sensitive location data, yearly incomes, mobile device IDs, app usage</td><td style="min-width:120px">2026-05-04</td><td style="white-space:nowrap"><a href="https://cyberinsider.com/ftc-orders-kochava-to-stop-selling-peoples-location-data" target="_blank" rel="nofollow">cyberinsider.com</a></td></tr><tr><td>54</td><td style="min-width:200px">Diamond Chemical</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">name, Social Security Number</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://www.isssource.com/cyberattack-at-nj-chemical-maker" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>55</td><td style="min-width:200px">Pott County</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">name, address, full Social Security number, wage information</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://themercury.com/news/pott-county-reports-employee-data-breach/article_a6242f2d-26dd-5052-b320-f71434e5dc3b.html" target="_blank" rel="nofollow">themercury.com</a></td></tr><tr><td>56</td><td style="min-width:200px">State Department</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">email accounts</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://www.fedweek.com/fedweek/sammies-winners-announced-employees-of-state-epa-irs-usda" target="_blank" rel="nofollow">fedweek.com</a></td></tr><tr><td>57</td><td style="min-width:200px">D'Ambrosio Dodge</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">Names, Addresses, Government ID numbers</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/dambrosio-dodge-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>58</td><td style="min-width:200px">Pipestone Holdings LLC</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">137.0B</td><td style="min-width:320px">passports, Social Security numbers, driver's licenses, financial information, medical information, litigation documents, contracts, insurance files, non-disclosure agreements, first and last names</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/pipestone-holdings-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>59</td><td style="min-width:200px">54 Below Inc.</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">13,622</td><td style="min-width:320px">Names, Social Security numbers</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/54-below-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>60</td><td style="min-width:200px">Helix Energy Solutions Group, Inc.</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">4,661</td><td style="min-width:320px">Names, Addresses, Social Security numbers, Driver's license numbers, Government-issued ID numbers, Dates of birth</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/helix-energy-solutions-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>61</td><td style="min-width:200px">Veridian</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-05</td><td style="white-space:nowrap"><a href="https://nextdoor.com/p/gQrHrdmzfjx3" target="_blank" rel="nofollow">nextdoor.com</a></td></tr><tr><td>62</td><td style="min-width:200px">GoDaddy</td><td style="min-width:140px">Phishing</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">credentials, 2FA codes, passwords</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://gridinsoft.com/blogs/godaddy-managewp-phishing-google-ads" target="_blank" rel="nofollow">gridinsoft.com</a></td></tr><tr><td>63</td><td style="min-width:200px">ACME TRUCK LINE</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">name, Social Security number, date of birth, driver's license number, financial account information, direct deposit information, tax withholding records, health insurance enrollment information</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://www.isssource.com/oilfield-carrier-suffers-cyberattack" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>64</td><td style="min-width:200px">Temu</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">precise physical location, microphone access, camera access, app activity</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/05/12/Oklahoma_AG_sues_Temu_over_unlawful_data_collection_use_of_f" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>65</td><td style="min-width:200px">Schemata</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">military training materials, service member records</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/zero-auth-flaw-exposes-dod-contractor-to-cross-tenant-data-access" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>66</td><td style="min-width:200px">Rockstar Games</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">stolen data</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://za.ign.com/grand-theft-auto-vi/231944/gta-estimated-to-have-cost-take-two-1-billion-to-15-billion-so-far" target="_blank" rel="nofollow">za.ign.com</a></td></tr><tr><td>67</td><td style="min-width:200px">USCellular</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://techdator.net/tag/crm" target="_blank" rel="nofollow">techdator.net</a></td></tr><tr><td>68</td><td style="min-width:200px">Horizon Media</td><td style="min-width:140px">—</td><td style="min-width:120px">10</td><td style="min-width:320px">Social Security numbers, Government ID numbers, Health records</td><td style="min-width:120px">2026-05-06</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/horizon-media-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>69</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">sensitive information</td><td style="min-width:120px">2026-05-07</td><td style="white-space:nowrap"><a href="https://wdet.org/2026/05/08/detroit-evening-report-detroiters-celebrate-second-cleveland-defeat" target="_blank" rel="nofollow">wdet.org</a></td></tr><tr><td>70</td><td style="min-width:200px">Yarbo</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">11,000</td><td style="min-width:320px">GPS coordinates, Wi-Fi passwords, email addresses</td><td style="min-width:120px">2026-05-07</td><td style="white-space:nowrap"><a href="https://technewstube.com/theverge/1830192/yarbos-promise-to-fix-robot-mower-ran-me-over" target="_blank" rel="nofollow">technewstube.com</a></td></tr><tr><td>71</td><td style="min-width:200px">Microsoft</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">proprietary documents, internal communications, secure data, user emails, Teams chats, Word documents, SharePoint files, financial reports, personal employee information, strategic corporate planni...</td><td style="min-width:120px">2026-05-07</td><td style="white-space:nowrap"><a href="http://cyberpress.org/critical-microsoft-365-copilot-vulnerabilities-expose-sensitive-information" target="_blank" rel="nofollow">cyberpress.org</a></td></tr><tr><td>72</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">30.0M</td><td style="min-width:320px">student data</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://www.wowt.com:443/2026/05/08/6-things-you-need-know-friday-may-8" target="_blank" rel="nofollow">wowt.com</a></td></tr><tr><td>73</td><td style="min-width:200px">Fluke</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">18,517</td><td style="min-width:320px">social security number, date of birth, disability indicator</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://www.isssource.com/third-party-hole-leads-to-fluke-attack" target="_blank" rel="nofollow">isssource.com</a></td></tr><tr><td>74</td><td style="min-width:200px">SiriusXM</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">consumer information</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://www.ifixit.com/News/69723/car-hacks-prove-repair-isnt-the-biggest-security-threat" target="_blank" rel="nofollow">ifixit.com</a></td></tr><tr><td>75</td><td style="min-width:200px">Google</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">100.0M</td><td style="min-width:320px">communications</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/settlements/google-assistant-privacy-litigation" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>76</td><td style="min-width:200px">Trellix</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">internal systems</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://ground.news/article/it-security-news-hourly-summary-2026-05-09-06h-3-posts_4c0e66" target="_blank" rel="nofollow">ground.news</a></td></tr><tr><td>77</td><td style="min-width:200px">General Motors</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">14.0M</td><td style="min-width:320px">names, contact details, GPS locations, driving events</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://hoodline.com/2026/05/l-a-prosecutors-hit-gm-with-12-75-million-over-onstar-data-sales" target="_blank" rel="nofollow">hoodline.com</a></td></tr><tr><td>78</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://patch.com/iowa/iowacity/patch-am-how-canvas-hack-could-affect-iowa-city-students-finals-nodx-20260511" target="_blank" rel="nofollow">patch.com</a></td></tr><tr><td>79</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://wlni.com/2026/05/08/friday-may-8" target="_blank" rel="nofollow">wlni.com</a></td></tr><tr><td>80</td><td style="min-width:200px">AssetMark Trust Company</td><td style="min-width:140px">—</td><td style="min-width:120px">359</td><td style="min-width:320px">Names of individuals, Social Security numbers</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/assetmark-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>81</td><td style="min-width:200px">Best Buy</td><td style="min-width:140px">—</td><td style="min-width:120px">—</td><td style="min-width:320px">names, email and mailing addresses, phone numbers, purchase histories</td><td style="min-width:120px">2026-05-08</td><td style="white-space:nowrap"><a href="https://www.classaction.org/news/class-action-lawsuit-alleges-best-buy-sells-customer-info-to-third-parties-without-consent" target="_blank" rel="nofollow">classaction.org</a></td></tr><tr><td>82</td><td style="min-width:200px">Dollar General</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">credit card numbers, financial account information</td><td style="min-width:120px">2026-05-09</td><td style="white-space:nowrap"><a href="https://www.wtvm.com:443/2026/05/11/credit-card-skimmers-found-two-dollar-general-stores-harris-county" target="_blank" rel="nofollow">wtvm.com</a></td></tr><tr><td>83</td><td style="min-width:200px">C&amp;W</td><td style="min-width:140px">Phishing</td><td style="min-width:120px">—</td><td style="min-width:320px">names, dates of birth, social security numbers, driver's license numbers, financial information</td><td style="min-width:120px">2026-05-09</td><td style="white-space:nowrap"><a href="https://us.headtopics.com/news/class-action-suit-targets-global-commercial-real-estate-83275035" target="_blank" rel="nofollow">us.headtopics.com</a></td></tr><tr><td>84</td><td style="min-width:200px">DigiCert</td><td style="min-width:140px">—</td><td style="min-width:120px">12.5B</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-10</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/week-in-review-cpanel-vulnerability-actively-exploited-digicert-breach-linkedin-job-scams" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>85</td><td style="min-width:200px">Mixpanel Inc.</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">analytics data</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://news.bloomberglaw.com/class-action/openai-user-drops-privacy-class-action-over-mixpanel-data-breach" target="_blank" rel="nofollow">news.bloomberglaw.com</a></td></tr><tr><td>86</td><td style="min-width:200px">Netflix</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">personal data, sensitive behavioral information, viewing habits, device locations, household network interactions</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://seekingalpha.com/news/4590683-texas-ag-sues-netflix-over-illegal-surveillance-data-sales" target="_blank" rel="nofollow">seekingalpha.com</a></td></tr><tr><td>87</td><td style="min-width:200px">Meta Platforms Inc.</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">private information</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://news.bloomberglaw.com/privacy-and-data-security/meta-google-fail-to-escape-data-leak-suit-over-android-flaw" target="_blank" rel="nofollow">news.bloomberglaw.com</a></td></tr><tr><td>88</td><td style="min-width:200px">AkzoNobel</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">20,951</td><td style="min-width:320px">user emails, phone numbers, technical data, private email correspondence, passport scans, testing documents, internal technical specification sheets, confidential agreements</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://usg.mydigitalpublication.com/may-2026/page-28" target="_blank" rel="nofollow">usg.mydigitalpublication.com</a></td></tr><tr><td>89</td><td style="min-width:200px">LG Electronics</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">20</td><td style="min-width:320px">viewing data, personal information, household data, device data, viewer profiles</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://us.headtopics.com/news/lg-to-alert-smart-tv-users-of-data-collection-following-83314571" target="_blank" rel="nofollow">us.headtopics.com</a></td></tr><tr><td>90</td><td style="min-width:200px">Williams Associates Architects Ltd. DBA Williams Architects</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">100,000</td><td style="min-width:320px">Driver's licenses, Social security numbers</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/williams-architects-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>91</td><td style="min-width:200px">Medicare</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.4M</td><td style="min-width:320px">Medicare number</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://www.cannoncourier.com/article/22435/medicare-customers-receiving-new-cards-due-to-breach" target="_blank" rel="nofollow">cannoncourier.com</a></td></tr><tr><td>92</td><td style="min-width:200px">Atrium Health</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">4,035</td><td style="min-width:320px">names, medical records, Social Security numbers</td><td style="min-width:120px">2026-05-11</td><td style="white-space:nowrap"><a href="https://www.charlotteobserver.com/news/business/article315699866.html" target="_blank" rel="nofollow">charlotteobserver.com</a></td></tr><tr><td>93</td><td style="min-width:200px">Illinois health system</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">100,000</td><td style="min-width:320px">medical records, treatment details, lab results, doctor visit notes</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://kffhealthnews.org/morning-breakout/industry-news-3" target="_blank" rel="nofollow">kffhealthnews.org</a></td></tr><tr><td>94</td><td style="min-width:200px">7-Eleven</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">447</td><td style="min-width:320px">credit card numbers, debit card numbers, PINs</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://www.denvergazette.com/2026/05/13/boulder-da-indicts-group-over-alleged-7-eleven-card-skimming-scheme" target="_blank" rel="nofollow">denvergazette.com</a></td></tr><tr><td>95</td><td style="min-width:200px">Community Bank</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">customer data</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://technewstube.com/the-register/1830983/us-bank-reports-itself-after-slinging-customer-data" target="_blank" rel="nofollow">technewstube.com</a></td></tr><tr><td>96</td><td style="min-width:200px">Evolve Bank &amp; Trust</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">customer information</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://www.expressvpn.com/blog/is-affirm-safe" target="_blank" rel="nofollow">expressvpn.com</a></td></tr><tr><td>97</td><td style="min-width:200px">OpenAI</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">GitHub tokens</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/openai-codex-bug-leads-to-github-token-breach" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>98</td><td style="min-width:200px">Visual Creations, Inc.</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">36</td><td style="min-width:320px">Social Security numbers</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/visual-creations-data-breach-2026-8f4ef" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>99</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://www.timesofupdate.com/us-china-launch-joint-drug-raid-ahead-of-trump-xi-summit" target="_blank" rel="nofollow">timesofupdate.com</a></td></tr><tr><td>100</td><td style="min-width:200px">Canvas</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/05/12/Canvas_hack_in_Maryland_What_was_accessed_and_what_remains_s" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>101</td><td style="min-width:200px">Stripe</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">16,000</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://news-pravda.com/usa/2026/05/12/2300460.html" target="_blank" rel="nofollow">news-pravda.com</a></td></tr><tr><td>102</td><td style="min-width:200px">Instructure</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-12</td><td style="white-space:nowrap"><a href="https://www.bostonherald.com/2026/05/12/ticker-golden-dome-estimated-to-cost-1-2t-canvas-hack-deal" target="_blank" rel="nofollow">bostonherald.com</a></td></tr><tr><td>103</td><td style="min-width:200px">Fluke Corporation</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">43</td><td style="min-width:320px">Social Security numbers, Health records</td><td style="min-width:120px">2026-05-13</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/fluke-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>104</td><td style="min-width:200px">Tokee</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.2M</td><td style="min-width:320px">names, phone numbers, avatars, device tokens, user IDs, activity logs, account status, timestamps for account creation and update, last seen activity indicators</td><td style="min-width:120px">2026-05-13</td><td style="white-space:nowrap"><a href="https://www.techradar.com/pro/security/messaging-app-tokee-may-have-leaked-1-2-million-user-profiles-experts-say-exposed-personal-data-presents-significant-privacy-security-and-regulatory-risks" target="_blank" rel="nofollow">techradar.com</a></td></tr><tr><td>105</td><td style="min-width:200px">Foxconn</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">11.0M</td><td style="min-width:320px">personal information, financial information</td><td style="min-width:120px">2026-05-13</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/05/14/Who_is_Nitrogen_group_what_does_Foxconn_do_and_what_data_was_2" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>106</td><td style="min-width:200px">Michael Roth's campaign</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">addresses, phone numbers</td><td style="min-width:120px">2026-05-13</td><td style="white-space:nowrap"><a href="https://democraticunderground.com/100221239002" target="_blank" rel="nofollow">democraticunderground.com</a></td></tr><tr><td>107</td><td style="min-width:200px">Adams Health Network</td><td style="min-width:140px">Phishing</td><td style="min-width:120px">—</td><td style="min-width:320px">personal information</td><td style="min-width:120px">2026-05-13</td><td style="white-space:nowrap"><a href="https://bernewitness.com/news/phishing-attack-compromises-adams-health-network-email" target="_blank" rel="nofollow">bernewitness.com</a></td></tr><tr><td>108</td><td style="min-width:200px">Amazon Quick</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-14</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/amazon-quick-bug-exposed-ai-chat-agents-to-users-blocked-by-custom-permissions" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>109</td><td style="min-width:200px">Varsity Brands Inc.</td><td style="min-width:140px">—</td><td style="min-width:120px">66,000</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-14</td><td style="white-space:nowrap"><a href="https://www.law360.com/cybersecurity-privacy/articles/2477904" target="_blank" rel="nofollow">law360.com</a></td></tr><tr><td>110</td><td style="min-width:200px">Katherine</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">private photos</td><td style="min-width:120px">2026-05-15</td><td style="white-space:nowrap"><a href="https://laurensouthern.substack.com/p/the-orthodox-twitter-revenge-porn" target="_blank" rel="nofollow">laurensouthern.substack.com</a></td></tr><tr><td>111</td><td style="min-width:200px">Meta</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">names, email addresses, button click data, personal information</td><td style="min-width:120px">2026-05-15</td><td style="white-space:nowrap"><a href="https://www.flyingpenguin.com/meta-taken-to-court-by-android-users-being-exploited" target="_blank" rel="nofollow">flyingpenguin.com</a></td></tr><tr><td>112</td><td style="min-width:200px">Thales Group</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">names, email addresses, account metadata, company-related fields</td><td style="min-width:120px">2026-05-15</td><td style="white-space:nowrap"><a href="https://dig.watch/newsletters/dw-weekly/dw-weekly-262" target="_blank" rel="nofollow">dig.watch</a></td></tr><tr><td>113</td><td style="min-width:200px">CISA</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">usernames, passwords, AWS GovCloud credentials, administrative credentials, GitHub tokens, internal system credentials</td><td style="min-width:120px">2026-05-15</td><td style="white-space:nowrap"><a href="https://www.valuethemarkets.com/cryptocurrency/news/significant-data-exposure-in-cisa-contractor-repository-raises-security-concerns" target="_blank" rel="nofollow">valuethemarkets.com</a></td></tr><tr><td>114</td><td style="min-width:200px">Nvidia</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">user records</td><td style="min-width:120px">2026-05-15</td><td style="white-space:nowrap"><a href="https://ground.news/article/in-other-news-big-tech-vs-canada-encryption-bill-ciscos-free-ai-security-spec-audi-app-flaws" target="_blank" rel="nofollow">ground.news</a></td></tr><tr><td>115</td><td style="min-width:200px">R&amp;G Brenner</td><td style="min-width:140px">—</td><td style="min-width:120px">—</td><td style="min-width:320px">Social Security numbers, credit/debit card numbers</td><td style="min-width:120px">2026-05-15</td><td style="white-space:nowrap"><a href="https://www.classaction.org/data-breach-lawsuits/r-and-g-brenner-may-2026" target="_blank" rel="nofollow">classaction.org</a></td></tr><tr><td>116</td><td style="min-width:200px">Foxconn</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">10.0M</td><td style="min-width:320px">customer data</td><td style="min-width:120px">2026-05-16</td><td style="white-space:nowrap"><a href="https://beforeitsnews.com/prophecy/2026/05/us-gas-stations-hacked-nation-wide-largest-manufacturer-in-the-world-shut-down-2595398.html" target="_blank" rel="nofollow">beforeitsnews.com</a></td></tr><tr><td>117</td><td style="min-width:200px">WIS International</td><td style="min-width:140px">—</td><td style="min-width:120px">—</td><td style="min-width:320px">Social Security numbers</td><td style="min-width:120px">2026-05-16</td><td style="white-space:nowrap"><a href="https://www.claimdepot.com/investigations/wis-international-data-breach-2026" target="_blank" rel="nofollow">claimdepot.com</a></td></tr><tr><td>118</td><td style="min-width:200px">Comcast</td><td style="min-width:140px">—</td><td style="min-width:120px">117.5M</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-16</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/05/16/Here_s_how_you_can_claim_up_to_10000_from_Comcast_s_massive_" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>119</td><td style="min-width:200px">Lehighton Area School District</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">social security numbers</td><td style="min-width:120px">2026-05-18</td><td style="white-space:nowrap"><a href="https://www.wfmz.com/news/area/poconos-coal/da-social-security-numbers-of-lehighton-school-district-employees-exposed-on-website/article_5d35d729-e911-4a2b-8d2d-4a5401defa88.html" target="_blank" rel="nofollow">wfmz.com</a></td></tr><tr><td>120</td><td style="min-width:200px">Trump Mobile</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">10,000</td><td style="min-width:320px">names, physical addresses, email addresses, phone numbers</td><td style="min-width:120px">2026-05-19</td><td style="white-space:nowrap"><a href="https://article.wn.com/view/2026/05/20/Trump_Mobile_may_be_leaking_customer_addresses" target="_blank" rel="nofollow">article.wn.com</a></td></tr><tr><td>121</td><td style="min-width:200px">Mesa County</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">confidential information</td><td style="min-width:120px">2026-05-19</td><td style="white-space:nowrap"><a href="https://www.einpresswire.com/article/913646843/mesa-county-addresses-inadvertent-disclosure-in-cora-response" target="_blank" rel="nofollow">einpresswire.com</a></td></tr><tr><td>122</td><td style="min-width:200px">NYC Health + Hospitals</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.8M</td><td style="min-width:320px">Biometrics, diagnoses, bank details</td><td style="min-width:120px">2026-05-19</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/biometrics-diagnoses-and-bank-details-exposed-in-major-healthcare-breach" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>123</td><td style="min-width:200px">Meta</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1</td><td style="min-width:320px">private data, personal audio-visual recordings, unique facial traits, facial geometry</td><td style="min-width:120px">2026-05-20</td><td style="white-space:nowrap"><a href="https://kisselpaso.com/ixp/514/p/meta-smart-glasses-texas-investigation" target="_blank" rel="nofollow">kisselpaso.com</a></td></tr><tr><td>124</td><td style="min-width:200px">Bank of America</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">names, partial account numbers, social security numbers</td><td style="min-width:120px">2026-05-20</td><td style="white-space:nowrap"><a href="https://theorcasonian.com/orcas-island-seniors-urged-to-take-action-following-bank-of-america-data-breaches" target="_blank" rel="nofollow">theorcasonian.com</a></td></tr><tr><td>125</td><td style="min-width:200px">South Adams</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">1.0M</td><td style="min-width:320px">customer records</td><td style="min-width:120px">2026-05-20</td><td style="white-space:nowrap"><a href="https://bernewitness.com/news/recycling-remark-addressed-by-swmd-board" target="_blank" rel="nofollow">bernewitness.com</a></td></tr><tr><td>126</td><td style="min-width:200px">Sony</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">PSN ID, password, purchase information, transaction number, last digits of a card</td><td style="min-width:120px">2026-05-20</td><td style="white-space:nowrap"><a href="https://list23.com/3970756-the-system-s-flaws-made-it-easy-to-hack-into-playstation-accounts-making-them-a-popular-target-for-h" target="_blank" rel="nofollow">list23.com</a></td></tr><tr><td>127</td><td style="min-width:200px">GitHub</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">internal repos</td><td style="min-width:120px">2026-05-20</td><td style="white-space:nowrap"><a href="https://www.bluesnews.com/s/298228/midday-safety-dance" target="_blank" rel="nofollow">bluesnews.com</a></td></tr><tr><td>128</td><td style="min-width:200px">Clark County School District</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">3</td><td style="min-width:320px">login credentials, direct deposit information</td><td style="min-width:120px">2026-05-21</td><td style="white-space:nowrap"><a href="https://www.reviewjournal.com/local/education/not-a-system-issue-ccsd-staff-told-to-reset-passwords-after-3-employees-scammed-3827449" target="_blank" rel="nofollow">reviewjournal.com</a></td></tr><tr><td>129</td><td style="min-width:200px">American Airlines</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">username, password, frequent flyer miles, trip credit</td><td style="min-width:120px">2026-05-21</td><td style="white-space:nowrap"><a href="https://www.nbcmiami.com/responds/hackers-stealing-miles-from-frequent-flier-accounts-nationwide/3812096" target="_blank" rel="nofollow">nbcmiami.com</a></td></tr><tr><td>130</td><td style="min-width:200px">Office of Information Technology</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">email accounts</td><td style="min-width:120px">2026-05-21</td><td style="white-space:nowrap"><a href="https://www.mvariety.com/news/local/local-news-office-of-information-technology-responding-to-recent-cyber-attack-on-government-email-accounts/article_79718241-2662-4471-bbd2-ca1c0493164e.html" target="_blank" rel="nofollow">mvariety.com</a></td></tr><tr><td>131</td><td style="min-width:200px">Nelnet</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">2.5M</td><td style="min-width:320px">Social Security numbers, addresses, email addresses, phone numbers, names</td><td style="min-width:120px">2026-05-21</td><td style="white-space:nowrap"><a href="https://www.chron.com/news/article/nelnet-lawsuit-settlement-payout-22244656.php" target="_blank" rel="nofollow">chron.com</a></td></tr><tr><td>132</td><td style="min-width:200px">Google</td><td style="min-width:140px">Unauthorized Access</td><td style="min-width:120px">—</td><td style="min-width:320px">uploaded files, cached prompts, conversations, BigQuery data, Maps data</td><td style="min-width:120px">2026-05-21</td><td style="white-space:nowrap"><a href="https://www.itsecuritynews.info/deleted-google-api-keys-remain-active-up-to-23-minutes-study-finds" target="_blank" rel="nofollow">itsecuritynews.info</a></td></tr><tr><td>133</td><td style="min-width:200px">Instructure</td><td style="min-width:140px">Ransomware</td><td style="min-width:120px">—</td><td style="min-width:320px">—</td><td style="min-width:120px">2026-05-21</td><td style="white-space:nowrap"><a href="https://www.globalnerdy.com/2026/05/21/notes-from-bsides-tampa-13-dealing-with-shadows-or-a-day-in-the-life-of-a-threat-actor-negotiator" target="_blank" rel="nofollow">globalnerdy.com</a></td></tr></tbody></table></div>
Datasets

Loading...

Query used
Run your own query →

2,000 free credits · No card required

Events found
Web pages reviewed
79.8%
Observable recall
Showing of verified events Dataset generated by CatchAll · Updated monthly

Unlock the full dataset

Run your own query →

2,000 free credits · No card required

Secure strategic advantage with real-world signals for your teams and models

What you don't know can hurt you. Let's change that.

Book a Demo