Data Breach Tracker 2026: Latest Breaches, Settlements & What To Do If Affected
Every major data breach of 2025-2026 tracked in one place. Find out if you were affected, check active settlement deadlines, and get clear steps on what to do next.
Tracked Breaches
17
Critical
10
Open Settlements
4
Coverage
9
/Latest Breaches
Last updated: May 2026
/Common Questions
QWhat is a data breach and how does it happen?
A data breach is when unauthorised individuals access, steal, or expose private information held about you. Breaches happen through hacking, phishing attacks on employees, misconfigured cloud storage, ransomware, or insiders leaking data. Stolen information typically includes email addresses, passwords, phone numbers, Social Security numbers, payment card details, and home addresses.
QHow do I know if I was affected by a data breach?
Companies are legally required to notify affected customers but notifications can take weeks or months. The fastest free check is HaveIBeenPwned.com, which tells you which known breaches contain your email address. For breaches with active settlements, the settlement administrator's website will have an eligibility checker - links are included in the entries above where available.
QWhat should I do immediately after a data breach?
Change your password for the breached service and everywhere you reused it. Enable two-factor authentication. Monitor your bank statements and credit report. If Social Security numbers were exposed, place a free credit freeze at Equifax, Experian, and TransUnion. If a settlement is open, file a claim before the deadline - most pay between $25 and $350 per person with no lawyer needed.
QCan I claim compensation from a data breach settlement?
Yes, when a class-action settlement has been reached. AT&T, T-Mobile, Google, and Yahoo have each paid out hundreds of millions of dollars to affected customers. You file a claim online through the settlement administrator's site - no lawyer required. Flat payments typically range from $25 to $100, while those who can document actual financial harm can claim significantly more.
/How We Rate Breaches
CRIT
Critical
Highly sensitive data at massive scale - Social Security numbers, financial accounts, medical records, or credentials affecting tens of millions. Immediate action required.
MAJ
Major
Significant personal data exposed - names, emails, phone numbers, partial payment data - typically affecting millions. Elevated risk of phishing and account takeover.
MOD
Moderate
Limited data types or smaller numbers of affected individuals. Lower immediate risk but still warrants password changes and monitoring.
ONG
Ongoing
Breach is active or investigation incomplete. Scale and data types not yet fully confirmed. Check back as reporting develops.
Disclaimer: This tracker is compiled from public breach disclosures, regulatory filings, and verified reporting including Tech.co, Security Boulevard, PKWARE, and BrightDefense. Settlement deadlines and amounts are subject to change. Always verify claim details directly with the official settlement administrator before submitting personal information. Last updated: May 2026.
.avif)
