SaaS Breach Database

Stay up to date with the latest SaaS breaches from around the world, brought to you by the team of data security experts at Metomic

What’s a SaaS data breach?

With businesses around the world using SaaS apps like Slack, Google Drive and ChatGPT, to enhance collaboration and productivity, the risk of sensitive data being shared between teams is at an all-time high. A SaaS data breach involves one of these handy apps being compromised, and the data stored within it being leaked or stolen.

Although these apps may come with some security benefits, this doesn't always include the data layer specifically, putting customer and employee data at risk.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
October 3, 2024
Featured
Latin American Banking App Causes Data Breach
A misconfigured digital banking platform, Bankingly, leaked personal data of nearly 135,000 clients from seven financial institutions across Latin America.
Worldwide
2024
Learn More
September 24, 2024
Featured
Star Health Data Breach: Medical Records Sold Online
A data breach at Star Health exposed millions of customers' sensitive medical records, which are now being sold on Telegram and BreachForums.
Worldwide
2024
Learn More
September 20, 2024
Featured
DFA fears data breach at state passport printer
The DFA has expressed concern over potential data breaches at APO, the state-owned passport printer, possibly compromising the data of 28 million Philippine passport holders.
Worldwide
2024
Learn More
September 18, 2024
Featured
Capgemini Data Breach Exposes T-Mobile Logs
A hacker claims to have stolen 20GB of Capgemini data, including T-Mobile virtual machine logs, API keys, and sensitive staff information.
Worldwide
2024
Learn More
September 13, 2024
Featured
Fortinet Data Breach: Hackers Steal 440GB of Sensitive Data
Fortinet has confirmed a limited data breach following a hacker’s claim of stealing 440GB of sensitive data, though the company downplays the incident’s impact.
US
2024
Learn More
September 9, 2024
Featured
TfL Limits Data Feeds and Services After Cyber-Attack
Transport for London is managing the fallout from a cyber-attack by cutting live data feeds and limiting access to online services, though it assures that customer data has not been compromised.
UK
2024
Learn More
September 6, 2024
Featured
Tracelo Data Breach Exposes 1.4 Million User Records
A hacker breached Tracelo's system, exposing the personal data of 1.4 million users, including names, emails, phone numbers, and location information, raising serious security and privacy concerns.
Worldwide
2024
Learn More
September 5, 2024
Featured
TfL Hit by Major Cyber-Attack
Transport for London is dealing with a significant cyber-attack, but there is no evidence that customer data has been compromised.
UK
2024
Learn More
August 28, 2024
Featured
Microsoft
A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub.
Worldwide
2023
Learn More
August 28, 2024
Featured
MOVEit hack
A hydra-headed breach centered on a single American software maker has compromised data at more than 600 organisations worldwide, according to cyber analyst tallies corroborated by Reuters.
US
2023
Learn More
August 28, 2024
Featured
Microsoft Outlook
A sophisticated Chinese cyber-espionage campaign targeting Microsoft Outlook accounts gave Beijing access to tens of thousands of private US government emails
US
2023
Learn More
August 28, 2024
Featured
MGM & Caesers (plus many more)
David Bradbury, chief security officer of the identity management company Okta, said five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August.
US
2023
Learn More
August 28, 2024
Featured
Equifax
Credit bureau company, Equifax, has been fined US$13.4 million by The Financial Conduct Authority (FCA), a UK financial watchdog, following its involvement in “one of the largest” data breaches ever.
Worldwide
2023
Learn More
August 28, 2024
Featured
City of Philadelphia Email Hack
The City of Philadelphia says personal, health, and financial information was stolen in a cyberattack on its email environment.
US
2023
Learn More
August 28, 2024
Featured
Okta Security Breach
Okta Security identified adversarial activity that used a stolen credential to gain access to the company’s support case management system.
Worldwide
2023
Learn More
August 28, 2024
Featured
23andMe Data Breach
Genetics testing company 23andMe sent emails to several customers to inform them of a breach into the "DNA Relatives" feature that allowed them to compare ancestry information with users worldwide.
US
2023
Learn More
August 28, 2024
Featured
US department of Health and Human Services launches investigation in Change Healthcare data breach
The US Health Department investigates a Change Healthcare breach and ransomware attack, as restoration efforts proceed amidst scrutiny over a £22 million ransom payment and HIPAA compliance investigation.
US
2024
Learn More
August 28, 2024
Featured
Fujitsu cyberattack triggers data theft concern amidst post office scandal
Fujitsu confirmed a cyberattack resulting in potential data theft, prompting internal investigation amidst scrutiny over its involvement in U.K. Post Office workers' wrongful convictions.
Worldwide
2024
Learn More
August 28, 2024
Featured
London Clinic delayed reporting on data breach
The ICO probes delayed reporting of a breach at the London Clinic regarding unauthorised access to Princess Catherine's medical records, potentially leading to enforcement and criminal action.
UK
2024
Learn More
August 28, 2024
Featured
Report shows 61% of 2023 data breaches caused by malware
SpyCloud's 2024 report highlights that 61% of data breaches in 2023 were caused by infostealer malware, affecting over 343 million stolen credentials, significantly increasing cybercrime risks.
Worldwide
2023
Learn More
August 28, 2024
Featured
UK/China electoral Data Breach
The UK government accuses China state-affiliated actors of conducting malicious cyber activities targeting UK democratic institutions and individuals, including parliamentarians and the Electoral Commission, with breaches occurring in 2021 and 2022.
UK
2021/2022
Learn More
August 28, 2024
Featured
NHS Scotland Confirms Data Breach
NHS Scotland's Dumfries and Galloway health board confirms INC Ransom gang's cyberattack, revealing that patient data was compromised, prompting investigations and notifications to authorities and affected individuals.
UK
2024
Learn More
August 28, 2024
Featured
AT&T Data Breach
AT&T confirms data leak of 73 million customers, including personal information, prompting outreach to affected users and offering credit monitoring services.
US
2024
Learn More
August 28, 2024
Featured
Acuity data breach
IntelBroker leaks allegedly stolen Five Eyes data from Acuity breach, containing sensitive government and military information, following similar attacks on entities like Los Angeles International Airport and General Electric.
US
2024
Learn More
August 28, 2024
Featured
US Congress Bans Staff From Using Microsoft Copilot
Congress bans staff use of Microsoft's AI Copilot over cybersecurity concerns, highlighting challenges in regulating AI technology internally and externally.
US
2024
Learn More
August 28, 2024
Featured
Home Depot Data Breach
Home Depot confirms employee data breach due to vendor error, posing phishing threat by IntelBroker, risking financial and reputational harm.
US
2024
Learn More
August 28, 2024
Featured
Microsoft Employee Details Leaked
A data breach at Microsoft exposed employees' credentials and internal files related to Bing on an unprotected Azure server, potentially allowing unauthorised access to sensitive information, despite being reported and resolved, raising concerns about security protocols.
Worldwide
2024
Learn More
August 28, 2024
Featured
French municipal services suffer cyberattacks
Multiple French municipalities face significant disruptions to public services due to a large-scale cyberattack on shared servers, emphasising the growing threat to public infrastructure and the need for enhanced cybersecurity measures globally.
Worldwide
2024
Learn More
August 28, 2024
Featured
Change Healthcare data breach extortion development
RansomHub threatens to publish healthcare data stolen from Change Healthcare unless a ransom is paid, alleging non-payment of a $22 million ransom from a previous attack by BlackCat ransomware.
US
2024
Learn More
August 28, 2024
Featured
Grindr Faces UK Lawsuit Over Alleged Data Breaches
Grindr, the LGBTQ dating app, faces a UK lawsuit alleging unauthorised sharing of users' sensitive information, including HIV status, with third parties, despite the app's denial of commercial use of health data.
UK
2024
Learn More
August 28, 2024
Featured
UK Smartphone Maker Nothing Confirms 2022 Data Breach
UK smartphone maker Nothing confirms a 2022 data breach compromising 2,250 members' personal info, though payment details remain secure, while ongoing security enhancements are in progress.
UK
2022
Learn More
August 28, 2024
Featured
Kaiser Health Insurance Breach
Kaiser Health Insurance has notified millions of a data breach after inadvertently sharing patients’ data with advertisers, including Google and Microsoft.
US
2024
Learn More
August 28, 2024
Featured
FBCS Data Breach Exposes Two Million Users
US-based collection agency, Financial Business and Consumer Solutions (FBCS), experienced a data breach, exposing the sensitive data of nearly two million individuals.
US
2023
Learn More
August 28, 2024
Featured
Dropbox eSign Tool Hit by Major Data Breach
Dropbox's eSign tool suffered a major data breach, compromising sensitive customer information including emails, usernames, phone numbers, hashed passwords, and multi-factor authentication details, prompting password resets and security measures.
Worldwide
2024
Learn More
August 28, 2024
Featured
HMRC 2023 Breaches Exposes 10K+ Data
HMRC reveals 2023 breaches exposed 10,000+ customers' data and widespread security gaps in government departments, with HMRC reporting 1015 lost devices.
UK
2023
Learn More
August 28, 2024
Featured
Dell Issues Warning of Data Breach Impacting 49M Customers
Dell warns of data breach affecting 49 million customers, compromising names, addresses, and purchase details, prompting caution against potential targeted attacks.
Worldwide
2024
Learn More
August 28, 2024
Featured
Nissan North America Data Breach
A cyber attack on Nissan North America compromised personal data of 53,038 current and former employees, with names and Social Security Numbers leaked.
US
2024
Learn More
August 28, 2024
Featured
Patriot Mobile Data Breach
Conservative Cell Carrier Patriot Mobile, experienced a data breach compromising customer information, including names, email addresses, and ZIP codes.
US
2024
Learn More
August 28, 2024
Featured
Cencora Data Breach
Cencora cyberattack exposes sensitive data at nearly a dozen pharmaceutical firms, sparking identity theft worries.
US
2024
Learn More
August 28, 2024
Featured
BBC Data Breach
BBC faces data breach exposing the personal data of 25,000 staff including names, addresses, and National Insurance numbers, prompting an urgent investigation and precautionary measures.
UK
2024
Learn More
August 28, 2024
Featured
Snowflake Data Breach Upgraded
The Snowflake data breach, involving stolen login details and linked to attacks on Ticketmaster and Santander, is escalating into one of the largest ever, with cybercriminals claiming to sell vast amounts of stolen data online.
US
2024
Learn More
August 28, 2024
Featured
SoftBank Data Breach Strains Japan-South Korea Ties
A data breach at Line Yahoo, a joint venture between Japan's SoftBank and South Korea's Naver, compromised personal information of 510,000 users, straining Japan-South Korea relations and prompting Japan to urge Naver to reduce its stake over security concerns.
Worldwide
2024
Learn More
August 28, 2024
Featured
Thailand Election Commission Probes Massive Data Breach
The Election Commission of Thailand is investigating a breach after district-level Senate voting, involving the leak of personal data from over 20,000 applicants, including sensitive details like ID card numbers.
2024
Learn More
August 28, 2024
Featured
Keytronic Confirms Data Breach by Black Basta
Hardware firm Keytronic confirmed a data breach by the Black Basta ransomware group, affecting personal information and operations, with the group leaking over 500GB of stolen data.
Worldwide
2024
Learn More
August 28, 2024
Featured
Hackers Claim Massive Data Theft from AMD
Hackers claim to have stolen and are selling extensive confidential data from AMD, including employee and customer information and future product details, prompting an investigation involving law enforcement and highlighting vulnerabilities in third-party hosting services.
Worldwide
2024
Learn More
August 28, 2024
Featured
Geisinger Alerts Patients to Data Breach
A former Nuance Communications employee accessed over a million Geisinger patients' personal information after termination, prompting Geisinger to notify affected individuals and collaborate with authorities on the investigation.
US
2024
Learn More
August 28, 2024
Featured
RockYou2024: Largest Ever Leak of 10 Billion Passwords
Nearly 10 billion passwords have been leaked online in the largest compilation ever, known as "RockYou2024," by a user named "ObamaCare," heightening the risk of credential stuffing attacks.
Worldwide
2024
Learn More
August 28, 2024
Featured
1.1 terabytes of Disney Slack Data Leaked in AI Art Protest
Hackers from the group NullBulge claim to have leaked 1.1 TB of Disney's internal Slack messages and files in protest against AI-generated art.
US
2024
Learn More
August 28, 2024
Featured
Acadian Ambulance Data Breach
The Daixin Team claims to have stolen and is threatening to release the personal and employee data of around 10 million individuals from Acadian Ambulance unless a $7 million ransom is paid, amid ongoing negotiations and efforts to secure the breach.
US
2024
Learn More
August 28, 2024
Featured
Leidos Data Breach Exposes Sensitive Defence Information
Hackers leaked internal documents from defence contractor Leidos, exposing sensitive information due to vulnerabilities in third-party data management.
US
2024
Learn More
August 28, 2024
Featured
National Public Data Breach
A data breach at National Public Data exposed the personal information of 2.9 billion people, including names, addresses, and Social Security Numbers, which were then put up for sale on the dark web.
US
2024
Learn More
August 28, 2024
Featured
HealthEquity Breach Exposes Data of 4.3 Million
A third-party breach at HealthEquity exposed the personal and health data of 4.3 million people.
US
2024
Learn More
August 28, 2024
Featured
Toyota Confirms Data Breach from Third-Party Leak
Toyota has confirmed that a third-party data breach exposed 240GB of customer and employee information, but the breach did not affect Toyota's own systems.
US
2024
Learn More

Minimise your attack surface in SaaS apps

Book a demo with one of our SaaS security specialists to see how Metomic can help your business

Book a demo