Breaches in your own organization or those of your vendors can result in significant damage to your finances, reputation, and IT infrastructure. What makes them even more problematic is that you may not be aware of a breach until you learn of it from external sources, such as government agencies or the news media. During the time between the breach event and your awareness of it, threat actors can cause even more damage.
A breach occurs when there is a loss of control over data, potentially compromising its confidentiality, integrity, or availability, and affecting the entity that owns the data.
How are breaches discovered?
SecurityScorecard's in-house data crawlers continuously collect news articles, government advisories, Dark Web postings, ransomware reports, and other sources of breach intelligence from around the world. However, breaches listed on this page are sourced from government advisories and news articles. Our AI-powered translation and analysis tools ensure that the information is accurate.
Note: Breaches shown on this page may impact your score if they are associated with your own company, a vendor, or a supplier.
Types of breaches
Confirmed breach
The affected company confirms the breach through its own statement. This can be done by reporting to the U.S. government or state agencies, international agencies, or via more than one reputable news source.
Third-party breach
A breach resulting from a relationship with a third-party provider, even if the compromised company denies responsibility. If your vendor is breached and your data is exposed, you bear responsibility for that exposure regardless of who was directly at fault.
Negligence incident
The loss or theft of sensitive materials — such as laptops or notebooks — due to negligence, whether internal or external.
Ransomware breach
A breach enabled by ransomware. A ransomware event is only classified as a breach if it is confirmed by a source other than the ransomware group's extortion site or ransomware aggregator sites.
What is not a breach?
Unsubstantiated reports
A single news article or claim without corroboration from other reputable sources, government agencies, or the company itself is not considered a breach. If you believe a breach has been incorrectly included or excluded, contact our support team.
DDoS attacks
Distributed Denial-of-Service attacks or other cyber events that cause service disruption without actual data compromise are not breaches.
Unverified incidents
Reports suggesting a breach without widespread agreement or credible evidence are not classified as breaches until further information is available.
Leaked credentials
Stolen usernames and passwords offered for sale on the dark web are not necessarily the result of a breach.
To view breach incidents in the platform, see How to view breach incidents.