Live monitoring

Data Breach Alerts

Confirmed breaches, leaked-credential disclosures, and exposure reports — investigated and triaged by the ScruteX research team. Updated as incidents are validated.

This feed tracks confirmed and publicly disclosed data breaches — the organisation affected, when the incident occurred, the type of data exposed, and how serious it is. Each alert is compiled from public sources and structured by the ScruteX research team so you can quickly assess whether an exposure is relevant to you or your organisation. We publish the facts of each incident, not the leaked data itself.

Use the alerts below to check whether a service you rely on has been breached, understand what data was involved, and follow practical steps to reduce your risk — from resetting reused passwords to enabling multi-factor authentication and watching for breach-themed phishing.

Aura

High

Identity Protection / Cybersecurity · March 2026

Aura, an identity protection and digital privacy company, confirmed a data breach exposing approximately 900,000 marketing contacts. The breach is notable given the company’s core business of protecting customers from identity theft and privacy violations.

Names Email Addresses Marketing Contact Data

Marquis

High

Financial Services · March 2026

Financial services firm Marquis disclosed that a ransomware attack led to the theft of personal data for approximately 672,000 individuals.

Names Social Security Numbers Financial Account Information Personal Information

Washington State Benefits Administrator

Critical

Healthcare / Employee Benefits · March 2026

A Washington-state based employee benefits administrator is notifying nearly 2.7 million individuals that their personal and health plan information, including Social Security numbers, was potentially stolen in a hacking incident discovered in January 2026.

Names Social Security Numbers Health Plan Information Personal Details

Olympique de Marseille

Medium

Sports / Entertainment · March 2026

French football club Olympique de Marseille confirmed a cyberattack after data appeared online. The club initially described the incident as an attempted attack but subsequently acknowledged that data was leaked.

Club Data Personal Information

Cheyenne and Arapaho Tribes

Critical

Government · January 2026

Cheyenne and Arapaho Tribes

High

Government / Tribal Administration · January 2026

The Cheyenne and Arapaho Tribes of Oklahoma suffered a data security incident resulting in unauthorised access to tribal member and employee personal information.

Names Social Security Numbers Date of Birth Address Medical Information

ESOP (Employee Stock Ownership Plan Provider)

High

Financial Services · January 2026

A financial services firm administering employee stock ownership plans reported a breach affecting plan participant personal and financial data.

Names Social Security Numbers Financial Account Details Employment Information

Sundher Group

Medium

Professional Services · December 2025

Professional services firm Sundher Group reported unauthorised access to client and employee records following a network intrusion.

Names Email Addresses Contact Information Business Documents

Wilson Workflow Solutions

High

Technology · December 2025

Workflow automation provider Wilson Workflow Solutions experienced a ransomware attack resulting in data exfiltration and service disruption.

Customer Data Employee Records Business Process Data Credentials

Frequently asked questions

What is a data breach alert?

A data breach alert is a concise, structured summary of a publicly disclosed security incident — which organisation was affected, when it happened, what kind of data was exposed, and how serious it is. ScruteX publishes these so individuals and security teams can quickly understand emerging exposures.

Where does this breach data come from?

Each alert is compiled from publicly available sources — official disclosures, regulatory filings, and reputable reporting — then triaged and structured by the ScruteX research team. We do not publish stolen data itself, only the facts of the incident.

How is breach severity decided?

Severity reflects how sensitive the exposed data is and how easily it could be abused. Critical and high ratings usually involve credentials, financial, or identity data at scale; medium and low ratings involve more limited or less sensitive exposure.

How often are new alerts published?

New alerts are added continuously as incidents are validated. Because breaches are disclosed at any time, it is worth checking back regularly rather than expecting a fixed schedule.

What should I do if an organisation I use appears here?

Open the relevant alert and follow the checklist on it: change and stop reusing passwords, enable multi-factor authentication, watch for phishing that references the incident, and monitor financial statements if payment data was involved.