Data Breach Alerts
Confirmed breaches, leaked-credential disclosures, and exposure reports — investigated and triaged by the ScruteX research team. Updated as incidents are validated.
This feed tracks confirmed and publicly disclosed data breaches — the organisation affected, when the incident occurred, the type of data exposed, and how serious it is. Each alert is compiled from public sources and structured by the ScruteX research team so you can quickly assess whether an exposure is relevant to you or your organisation. We publish the facts of each incident, not the leaked data itself.
Use the alerts below to check whether a service you rely on has been breached, understand what data was involved, and follow practical steps to reduce your risk — from resetting reused passwords to enabling multi-factor authentication and watching for breach-themed phishing.
Aura
HighIdentity Protection / Cybersecurity · March 2026
Aura, an identity protection and digital privacy company, confirmed a data breach exposing approximately 900,000 marketing contacts. The breach is notable given the company’s core business of protecting customers from identity theft and privacy violations.
Marquis
HighFinancial Services · March 2026
Financial services firm Marquis disclosed that a ransomware attack led to the theft of personal data for approximately 672,000 individuals.
Washington State Benefits Administrator
CriticalHealthcare / Employee Benefits · March 2026
A Washington-state based employee benefits administrator is notifying nearly 2.7 million individuals that their personal and health plan information, including Social Security numbers, was potentially stolen in a hacking incident discovered in January 2026.
Olympique de Marseille
MediumSports / Entertainment · March 2026
French football club Olympique de Marseille confirmed a cyberattack after data appeared online. The club initially described the incident as an attempted attack but subsequently acknowledged that data was leaked.
Cheyenne and Arapaho Tribes
CriticalGovernment · January 2026
Cheyenne and Arapaho Tribes
HighGovernment / Tribal Administration · January 2026
The Cheyenne and Arapaho Tribes of Oklahoma suffered a data security incident resulting in unauthorised access to tribal member and employee personal information.
ESOP (Employee Stock Ownership Plan Provider)
HighFinancial Services · January 2026
A financial services firm administering employee stock ownership plans reported a breach affecting plan participant personal and financial data.
Sundher Group
MediumProfessional Services · December 2025
Professional services firm Sundher Group reported unauthorised access to client and employee records following a network intrusion.
Wilson Workflow Solutions
HighTechnology · December 2025
Workflow automation provider Wilson Workflow Solutions experienced a ransomware attack resulting in data exfiltration and service disruption.
Frequently asked questions
What is a data breach alert? ▾
A data breach alert is a concise, structured summary of a publicly disclosed security incident — which organisation was affected, when it happened, what kind of data was exposed, and how serious it is. ScruteX publishes these so individuals and security teams can quickly understand emerging exposures.
Where does this breach data come from? ▾
Each alert is compiled from publicly available sources — official disclosures, regulatory filings, and reputable reporting — then triaged and structured by the ScruteX research team. We do not publish stolen data itself, only the facts of the incident.
How is breach severity decided? ▾
Severity reflects how sensitive the exposed data is and how easily it could be abused. Critical and high ratings usually involve credentials, financial, or identity data at scale; medium and low ratings involve more limited or less sensitive exposure.
How often are new alerts published? ▾
New alerts are added continuously as incidents are validated. Because breaches are disclosed at any time, it is worth checking back regularly rather than expecting a fixed schedule.
What should I do if an organisation I use appears here? ▾
Open the relevant alert and follow the checklist on it: change and stop reusing passwords, enable multi-factor authentication, watch for phishing that references the incident, and monitor financial statements if payment data was involved.