Data Breach Tracker: US Company Security Incidents
271
May 2026
Security & Stability
Confirmed data breaches and cyber security incidents reported by US companies each month, sourced from SEC 8-K filings, state attorney general breach notifications, cybersecurity news, and company disclosures. Each record covers the affected organisation, number of records exposed, data types compromised (personal information, financial data, health records), attack method where disclosed, and notification date. Only events confirmed by at least one authoritative source are included.
Data breach or security incident exposing customer or user records reported at a company in the US in May 2026
CISOs and security teams use it to benchmark incident frequency by sector and identify systemic attack patterns across industries. Cyber insurance underwriters use it to assess risk exposure and loss trends. Legal and compliance teams track breach notification timelines and regulatory responses. Journalists and researchers covering cybersecurity use it as a structured, sourced record of confirmed incidents.
14914
<table class="catchall-table"><thead><tr><th style="min-width:40px">#</th><th style="min-width:180px">Event</th><th style="min-width:200px">Affected Company</th><th style="min-width:180px">Incident Type</th><th style="min-width:200px">Location</th><th style="min-width:260px">Data Types Exposed</th><th style="min-width:140px;white-space:nowrap">Records Exposed</th><th style="min-width:120px;white-space:nowrap">Date</th><th style="min-width:120px;white-space:nowrap">Source</th></tr></thead><tbody>
<tr><td style="min-width:40px">1</td><td style="min-width:180px">Canvas Cyberattack and Data Breach</td><td style="min-width:200px">Instructure Inc.</td><td style="min-width:180px">Data Breach</td><td style="min-width:200px">Texas</td><td style="min-width:260px">student messages, email addresses, student ID numbers</td><td style="white-space:nowrap">275,000,000</td><td style="white-space:nowrap">2026-05-07</td><td style="white-space:nowrap"><a href="https://www.msn.com/en-us/news/us/texas-nursing-student-says-canvas-cyberattack-upended-finals-now-she-s-suing/ar-AA2379oR" target="_blank" rel="noopener noreferrer">Source</a></td></tr>
<tr><td style="min-width:40px">2</td><td style="min-width:180px">Google Engineer Michele Spagnuolo Charged with Insider Trading and Data Misuse</td><td style="min-width:200px">Google</td><td style="min-width:180px">Insider Threat</td><td style="min-width:200px">New York City</td><td style="min-width:260px">proprietary algorithmic data, confidential data, internal data, Google Search trends, user behavior</td><td style="white-space:nowrap">1,000,000</td><td style="white-space:nowrap">2026-05-28</td><td style="white-space:nowrap"><a href="https://www.world-today-news.com/google-engineer-michele-spagnuolo-charged-with-fraud-and-money-laundering" target="_blank" rel="noopener noreferrer">Source</a></td></tr>
<tr><td style="min-width:40px">3</td><td style="min-width:180px">Delta Dental fined $2.25M for cybersecurity violations and 2023 data breach</td><td style="min-width:200px">Delta Dental of New York and Delta Dental Insurance Co.</td><td style="min-width:180px">Data Breach</td><td style="min-width:200px">New York</td><td style="min-width:260px">Social Security numbers, financial details, health records</td><td style="white-space:nowrap">60,000</td><td style="white-space:nowrap">2026-05-19</td><td style="white-space:nowrap"><a href="https://www.mondaq.com/unitedstates/insurance-laws-and-products/1788908/nydfs-ramps-up-health-care-cybersecurity-enforcement-with-%24225-million-settlement" target="_blank" rel="noopener noreferrer">Source</a></td></tr>
<tr><td style="min-width:40px">4</td><td style="min-width:180px">Trump Mobile customer data leak</td><td style="min-width:200px">Trump Mobile</td><td style="min-width:180px">Data Breach</td><td style="min-width:200px">Florida</td><td style="min-width:260px">names, email addresses, mailing addresses, order identifiers, mobile phone numbers</td><td style="white-space:nowrap">30,000</td><td style="white-space:nowrap">2026-05-19</td><td style="white-space:nowrap"><a href="https://www.androidauthority.com/trump-mobile-t1-phone-dont-buy-reasons-3670777" target="_blank" rel="noopener noreferrer">Source</a></td></tr>
<tr><td style="min-width:40px">5</td><td style="min-width:180px">CRH reaches agreement to settle privacy lawsuits</td><td style="min-width:200px">Columbus Regional Health</td><td style="min-width:180px">Data Breach</td><td style="min-width:200px">Indianapolis, Indiana</td><td style="min-width:260px">personal health information, medical treatment details, website activity</td><td style="white-space:nowrap">20,763</td><td style="white-space:nowrap">2026-05-27</td><td style="white-space:nowrap"><a href="https://www.therepublic.com/2026/05/27/crh-reaches-agreement-to-settle-privacy-lawsuits" target="_blank" rel="noopener noreferrer">Source</a></td></tr>
<tr class="catchall-blurred"><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td></tr>
<tr class="catchall-blurred"><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td></tr>
<tr class="catchall-blurred"><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td><td>████████████</td></tr>
</tbody></table>
<h3>What is the difference between this and Have I Been Pwned?</h3><p>Have I Been Pwned focuses on individual credential exposure. This tracker covers corporate breach events – affected company, breach scope, attack type, and regulatory notification – making it suited to enterprise risk monitoring rather than personal account checks.</p><h3>Are healthcare and financial sector breaches included?</h3><p>Yes. HIPAA-covered healthcare breaches appear via HHS breach portal notifications; financial institution incidents come from SEC filings and sector-specific reporting.</p><h3>How does CatchAll validate a breach before including it?</h3><p>Inclusion requires at least one authoritative source – a regulatory filing, company press release, or official notification. Unconfirmed reports from security researchers or forums are excluded.</p><h3>What is the refresh rate of this dataset?</h3><p>We rerun this dataset once a month. You can create your own dataset that updates as frequently as every one hour on <a href="https://platform.newscatcherapi.com/catchall">platform.newscatcherapi.com/catchall</a></p>