SaaS Breach Database
Stay up to date with the latest SaaS breaches from around the world, brought to you by the team of data security experts at Metomic
What’s a SaaS data breach?
With businesses around the world using SaaS apps like Slack, Google Drive and ChatGPT, to enhance collaboration and productivity, the risk of sensitive data being shared between teams is at an all-time high. A SaaS data breach involves one of these handy apps being compromised, and the data stored within it being leaked or stolen.
Although these apps may come with some security benefits, this doesn't always include the data layer specifically, putting customer and employee data at risk.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
April 26, 2024
Featured
Kaiser Health Insurance Breach
Kaiser Health Insurance has notified millions of a data breach after inadvertently sharing patients’ data with advertisers, including Google and Microsoft.
US
2024
Learn MoreApril 25, 2024
Featured
UK Smartphone Maker Nothing Confirms 2022 Data Breach
UK smartphone maker Nothing confirms a 2022 data breach compromising 2,250 members' personal info, though payment details remain secure, while ongoing security enhancements are in progress.
UK
2022
Learn MoreApril 24, 2024
Featured
Grindr Faces UK Lawsuit Over Alleged Data Breaches
Grindr, the LGBTQ dating app, faces a UK lawsuit alleging unauthorised sharing of users' sensitive information, including HIV status, with third parties, despite the app's denial of commercial use of health data.
UK
2024
Learn MoreApril 17, 2024
Featured
Change Healthcare data breach extortion development
RansomHub threatens to publish healthcare data stolen from Change Healthcare unless a ransom is paid, alleging non-payment of a $22 million ransom from a previous attack by BlackCat ransomware.
US
2024
Learn MoreApril 15, 2024
Featured
French municipal services suffer cyberattacks
Multiple French municipalities face significant disruptions to public services due to a large-scale cyberattack on shared servers, emphasising the growing threat to public infrastructure and the need for enhanced cybersecurity measures globally.
Worldwide
2024
Learn MoreApril 10, 2024
Featured
Microsoft Employee Details Leaked
A data breach at Microsoft exposed employees' credentials and internal files related to Bing on an unprotected Azure server, potentially allowing unauthorised access to sensitive information, despite being reported and resolved, raising concerns about security protocols.
Worldwide
2024
Learn MoreApril 9, 2024
Featured
Home Depot Data Breach
Home Depot confirms employee data breach due to vendor error, posing phishing threat by IntelBroker, risking financial and reputational harm.
US
2024
Learn MoreApril 5, 2024
Featured
US Congress Bans Staff From Using Microsoft Copilot
Congress bans staff use of Microsoft's AI Copilot over cybersecurity concerns, highlighting challenges in regulating AI technology internally and externally.
US
2024
Learn MoreApril 4, 2024
Featured
Acuity data breach
IntelBroker leaks allegedly stolen Five Eyes data from Acuity breach, containing sensitive government and military information, following similar attacks on entities like Los Angeles International Airport and General Electric.
US
2024
Learn MoreApril 4, 2024
Featured
AT&T Data Breach
AT&T confirms data leak of 73 million customers, including personal information, prompting outreach to affected users and offering credit monitoring services.
US
2024
Learn MoreMarch 28, 2024
Featured
NHS Scotland Confirms Data Breach
NHS Scotland's Dumfries and Galloway health board confirms INC Ransom gang's cyberattack, revealing that patient data was compromised, prompting investigations and notifications to authorities and affected individuals.
UK
2024
Learn MoreMarch 27, 2024
Featured
UK/China electoral Data Breach
The UK government accuses China state-affiliated actors of conducting malicious cyber activities targeting UK democratic institutions and individuals, including parliamentarians and the Electoral Commission, with breaches occurring in 2021 and 2022.
UK
2021/2022
Learn MoreMarch 26, 2024
Featured
Report shows 61% of 2023 data breaches caused by malware
SpyCloud's 2024 report highlights that 61% of data breaches in 2023 were caused by infostealer malware, affecting over 343 million stolen credentials, significantly increasing cybercrime risks.
Worldwide
2023
Learn MoreMarch 21, 2024
Featured
London Clinic delayed reporting on data breach
The ICO probes delayed reporting of a breach at the London Clinic regarding unauthorised access to Princess Catherine's medical records, potentially leading to enforcement and criminal action.
UK
2024
Learn MoreMarch 20, 2024
Featured
Microsoft Outlook
A sophisticated Chinese cyber-espionage campaign targeting Microsoft Outlook accounts gave Beijing access to tens of thousands of private US government emails
US
2023
Learn MoreMarch 20, 2024
Featured
MGM & Caesers (plus many more)
David Bradbury, chief security officer of the identity management company Okta, said five of the company's clients, including MGM and Caesars, had fallen victim to hacking groups known as ALPHV and Scattered Spider since August.
US
2023
Learn MoreMarch 20, 2024
Featured
Fujitsu cyberattack triggers data theft concern amidst post office scandal
Fujitsu confirmed a cyberattack resulting in potential data theft, prompting internal investigation amidst scrutiny over its involvement in U.K. Post Office workers' wrongful convictions.
Worldwide
2024
Learn MoreMarch 20, 2024
Featured
US department of Health and Human Services launches investigation in Change Healthcare data breach
The US Health Department investigates a Change Healthcare breach and ransomware attack, as restoration efforts proceed amidst scrutiny over a £22 million ransom payment and HIPAA compliance investigation.
US
2024
Learn MoreOctober 27, 2023
Featured
23andMe Data Breach
Genetics testing company 23andMe sent emails to several customers to inform them of a breach into the "DNA Relatives" feature that allowed them to compare ancestry information with users worldwide.
US
2023
Learn MoreOctober 27, 2023
Featured
Okta Security Breach
Okta Security identified adversarial activity that used a stolen credential to gain access to the company’s support case management system.
Worldwide
2023
Learn MoreOctober 27, 2023
Featured
City of Philadelphia Email Hack
The City of Philadelphia says personal, health, and financial information was stolen in a cyberattack on its email environment.
US
2023
Learn MoreOctober 27, 2023
Featured
Equifax
Credit bureau company, Equifax, has been fined US$13.4 million by The Financial Conduct Authority (FCA), a UK financial watchdog, following its involvement in “one of the largest” data breaches ever.
Worldwide
2023
Learn MoreOctober 2, 2023
Featured
MOVEit hack
A hydra-headed breach centered on a single American software maker has compromised data at more than 600 organisations worldwide, according to cyber analyst tallies corroborated by Reuters.
US
2023
Learn MoreSeptember 25, 2023
Featured
Microsoft
A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub.
Worldwide
2023
Learn MoreMinimise your attack surface in SaaS apps
Book a demo with one of our SaaS security specialists to see how Metomic can help your business