Last Update: 04/05/2026 at 2:50 PM EST
Data Breaches Expose Identity Theft Risks
Coverage from JD Supra, WIRED, and others
Articles
9
Latest Article
03/31
Active Days
583
Executive Summary
Major breaches and exposed databases are leaking sensitive identity data, driving fraud risk and prompting takedowns, notices, and consumer protection advice.
- UpGuard found an unauthenticated cloud database exposing billions of records
- The trove included 2.7 billion Social Security numbers and plaintext passwords
- Researchers said much of the data was aggregated from older breaches before 2016
- The database was taken down after notices to the FBI IC3 and Hetzner
- Congressional investigators linked data broker breaches to more than $20.9 billion in losses
- The report says opt-out pages and no index codes can hide privacy tools
- Recent disclosures spanned PayPal, a French bank registry, Optimizely, CarGurus, Wynn Resorts, and others
Quick Facts
- What: Exposed personal data and breach-driven identity theft risks
- Where: United States Germany France and multiple online services
- Why: Stolen identity data enables fraud and financial loss
- Who: Researchers lawmakers companies and affected consumers
- When: Reports and disclosures covered 2017 through 2025
Coverage Timeline: 583 Days
Featured Article
UpGuard researchers uncover a misconfigured cloud database exposing billions of records in Germany, prompting FBI IC3 and Hetzner to take it down.
Additional Articles
⭐⭐⭐⭐⭐
UpGuard researchers found a massive exposed US-focused dataset of credentials and Social Security numbers in January 2024 hosted on Hetzner; Hetzner removed it after notification.
Panera Bread confirmed a January 28, 2026 cybersecurity incident after researchers associated a 5.1 million account leak with attempted extortion and public data publication.
New York Times Wirecutter outlines in a 2020s U.S.-focused guide how individuals should respond when personal data is exposed in consumer data breaches.
A privacy-focused guide explains how Facebook users worldwide can assess exposure from past data breaches and adopt stronger security, monitoring, and legal-response measures to mitigate ongoing identity risks.
Congressional Democrats on the Joint Economic Committee report over 20.9 billion in consumer losses from identity theft linked to data broker breaches in the United States between 2017 and 2025.
⭐⭐⭐
Figure reports data breach after social engineering in New York on Friday.
Victims in 2024 in the United States, including Tennessee, face a data breach exposing Social Security numbers and other personal data.
PayPal and other organizations disclosed data breaches exposing personal data between July 2025 and December 2025 across multiple regions including the United States and France.