Data Breach Observatory
Four in five small businesses have suffered a recent data breach. And a single incident can cost a small firm over $1 million. So why don’t we hear more data breach news?
Proton isn’t waiting for breaches to be reported. Instead, we go to the dark web and track leaks in real time. Click below to see if you’re affected, and to reduce your risk, use a business password manager.


Hallmark
United States
Retail & Wholesale Trade
30,000 employees
Data sensitivity: Critical
Records exposed: 2.8 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address

Circle
United States
Technology & IT
20 employees
Data sensitivity: Critical
Records exposed: 1.5 million+
Compromised data: Name, physical address, postal code, phone number, email address

Baydöner
Türkiye
Food & Hospitality
840 employees
Notes: Confirmed attribution via a third-party incident
Data sensitivity: Critical
Records exposed: 2.7 million+
Compromised data: Name, date of birth, physical address, phone number, email address, username, password

Canada Goose
Canada
Retail & Wholesale Trade
3,942 employees
Notes: Confirmed attribution via a third-party incident
Data sensitivity: Critical
Records exposed: 921,457
Compromised data: Name, physical address, phone number, email address

Brillen.de
Germany
Retail & Wholesale Trade
188 employees
Data sensitivity: Critical
Records exposed: 1.5 million+
Compromised data: Name, date of birth, postal code, phone number, email address

GDQuest
France
Technology & IT
8 employees
Data sensitivity: Low
Records exposed: 66,339
Compromised data: Email address, username

Crunchbase
United States
Technology & IT
153 employees
Data sensitivity: Critical
Records exposed: 1.5 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, username

SoundCloud
Germany
Media & Entertainment
945 employees
Data sensitivity: Moderate
Records exposed: 29.8 million+
Compromised data: Name, email address

WhiteDate
United States
Media & Entertainment
Unknown
Data sensitivity: Critical
Records exposed: 6,640
Compromised data: Date of birth, physical address, postal code, email address, username, medical information

Figure Lending LLC
United States
Insurance & Financial Services
530 employees
Data sensitivity: Critical
Records exposed: 3 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, password, social security number

Qantas Airways
Australia
Transportation & Logistics
11,467 employees
Data sensitivity: Critical
Records exposed: 11.8 million+
Compromised data: Name, date of birth, physical address, phone number, email address

Vietnam Airlines
Vietnam
Transportation & Logistics
6,409 employees
Data sensitivity: Critical
Records exposed: 30.4 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address

Bouygues Telecom
France
Telecommunications
8,937 employees
Data sensitivity: Critical
Records exposed: 6.3 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, IBAN

Miljödata
Sweden
Technology & IT
30 employees
Data sensitivity: Critical
Records exposed: 5.2 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, username, password, ID number

Free
France
Telecommunications
5,665 employees
Data sensitivity: Critical
Records exposed: 19.6 million+
Compromised data: Name, date of birth, postal code, phone number, email address, IBAN

Royal Mail
United Kingdom
Transportation & Logistics
158,592 employees
Notes: Confirmed attribution via a third-party incident
Data sensitivity: Critical
Records exposed: 127,968
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, username, password

Hertz
United States
Consumer Services
25,000 employees
Data sensitivity: Critical
Records exposed: 29.3 million+
Compromised data: Name, email address, username, password

Orange Romania
Romania
Telecommunications
2,366 employees
Data sensitivity: Critical
Records exposed: 3.4 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, username, ID number

Zacks Investment Research
United States
Insurance & Financial Services
390 employees
Data sensitivity: Critical
Records exposed: 5.4 million+
Compromised data: Name, physical address, postal code, phone number, email address, username, password

PhoneMondo
Germany
Telecommunications
5 employees
Notes: Unconfirmed attribution
Data sensitivity: Critical
Records exposed: 10.5 million+
Compromised data: Name, date of birth, physical address, postal code, phone number, email address, username, password, IBAN

Keep your business off this list
Your passwords and multi-factor authentication are your first line of defense against hackers. Learn how thousands of small business leaders streamline password management and protect their data.

About the Data Breach Observatory
- What is the Data Breach Observatory?
The Data Breach Observatory is a project operated and maintained by Proton AG to document cybersecurity incidents affecting small businesses. It's similar to our Internet Censorship Observatory, which provides information about the latest attacks on internet freedom.
- Where do you get your information?
In partnership with Constella Intelligence, we constantly monitor for new data leaked by criminals to the dark web. This helps us protect our customers through features like Pass Monitor in Proton Pass. By analyzing these same dark web databases, we can also produce original, timely research about new data breaches.
- Why report data breach news?
Data breaches are extremely common and extremely under-reported. This creates a dangerous situation for small business owners, who are both at high risk and unaware of the threats they face. By responsibly disclosing breaches and raising awareness, the Data Breach Observatory aims to give consumers and small business owners the tools and information they need to protect themselves.
- Doesn't disclosing recent data breaches harm the businesses?
We believe in responsible disclosure, and we always inform the affected organization in advance of the information being published in the Data Breach Observatory. To help these organizations protect themselves in the future, Proton offers discounts for Proton Pass business plans.
- How are breaches added to the Data Breach Observatory?
Breaches are added to the Data Breach Observatory when datasets are identified and verified by Constella Intelligence. In certain cases, it may take some time for the data to be analyzed before it can be included in the report.
- What data is leaked?
We look out for breaches that include names, email addresses, passwords, financial information, contact details, and other sensitive information. Financial information could include credit cards, bank account details, payment information, tax IDs, and/or Social Security numbers. Contact information includes phone numbers, addresses, location data, and postal codes. Sensitive information could include other vital details like date of birth, ID numbers, passport numbers, license numbers, and health information.
- What types of data make a breach critical?
A breach is classified as critical when it exposes highly sensitive data that significantly increases the risk of account takeover, identity theft, or financial fraud. This includes authentication data (such as passwords or security questions and answers, including details like mother’s name), high-risk personal identifiers (such as government-issued IDs, passports, or physical addresses linked to individuals), financial information, and other sensitive personal data (such as health information or tax identification numbers).
- What does the breach publication date mean?
The date shown in the Breach Observatory refers to the publication date, which indicates when the dataset was identified or made publicly available in the monitored source catalogue. This may differ from the exposure date, which is when the security incident actually occurred. In some cases, threat actors may hold stolen data for months or even years before releasing or sharing it. Using the publication date allows the Observatory to consistently track when breached datasets become publicly accessible.