View Data Breach Notification Reports, which include how many breaches are reported each year and the number of affected residents.

Version 3 with 517M hashes and counts of password usage ordered by most to least prevalent Pwned Passwords are 517,238,891 real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they re at much greater risk of being used to take over other accounts. They re searchable online below as well as being downloadable for use in other online system. The entire set of passwords is downloadable for free below with each password being represented as a SHA-1 hash to protect the original value (some passwords contain personally identifiable information) followed by a count of how many times that password had been seen in the source data breaches. The list may be integrated into other systems and used to verify whether a password has previously appeared in a data breach after which a system may warn the user or even block the password outright.

The largest reported data leakage as of January 2025 was the Cam4 data breach in March 2020, which exposed more than 10 billion data records. The second-largest data breach in history so far, the Yahoo data breach, occurred in 2013. The company initially reported about one billion exposed data records, but after an investigation, the company updated the number, revealing that three billion accounts were affected. The National Public Data Breach was announced in August 2024. The incident became public when personally identifiable information of individuals became available for sale on the dark web. Overall, the security professionals estimate the leakage of nearly three billion personal records. The next significant data leakage was the March 2018 security breach of India's national ID database, Aadhaar, with over 1.1 billion records exposed. This included biometric information such as identification numbers and fingerprint scans, which could be used to open bank accounts and receive financial aid, among other government services.

Cybercrime - the dark side of digitalization As the world continues its journey into the digital age, corporations and governments across the globe have been increasing their reliance on technology to collect, analyze and store personal data. This, in turn, has led to a rise in the number of cyber crimes, ranging from minor breaches to global-scale attacks impacting billions of users – such as in the case of Yahoo. Within the U.S. alone, 1802 cases of data compromise were reported in 2022. This was a marked increase from the 447 cases reported a decade prior. The high price of data protection As of 2022, the average cost of a single data breach across all industries worldwide stood at around 4.35 million U.S. dollars. This was found to be most costly in the healthcare sector, with each leak reported to have cost the affected party a hefty 10.1 million U.S. dollars. The financial segment followed closely behind. Here, each breach resulted in a loss of approximately 6 million U.S. dollars - 1.5 million more than the global average.

In 2024, the number of data compromises in the United States stood at 3,158 cases. Meanwhile, over 1.35 billion individuals were affected in the same year by data compromises, including data breaches, leakage, and exposure. While these are three different events, they have one thing in common. As a result of all three incidents, the sensitive data is accessed by an unauthorized threat actor. Industries most vulnerable to data breaches Some industry sectors usually see more significant cases of private data violations than others. This is determined by the type and volume of the personal information organizations of these sectors store. In 2024 the financial services, healthcare, and professional services were the three industry sectors that recorded most data breaches. Overall, the number of healthcare data breaches in some industry sectors in the United States has gradually increased within the past few years. However, some sectors saw decrease. Largest data exposures worldwide In 2020, an adult streaming website, CAM4, experienced a leakage of nearly 11 billion records. This, by far, is the most extensive reported data leakage. This case, though, is unique because cyber security researchers found the vulnerability before the cyber criminals. The second-largest data breach is the Yahoo data breach, dating back to 2013. The company first reported about one billion exposed records, then later, in 2017, came up with an updated number of leaked records, which was three billion. In March 2018, the third biggest data breach happened, involving India’s national identification database Aadhaar. As a result of this incident, over 1.1 billion records were exposed.

Explore the historical Whois records related to capital-one-data-breach.com (Domain). Get insights into ownership history and changes over time.

500k User Session Collection This collection is distributed for NON-COMMERCIAL RESEARCH USE ONLY. Any application of this collection for commercial purposes is STRICTLY PROHIBITED. #### Brief description: This collection consists of ~20M web queries collected from ~650k users over three months. The data is sorted by anonymous user ID and sequentially arranged. The goal of this collection is to provide real query log data that is based on real users. It could be used for personalization, query reformulation or other types of search research. The data set includes AnonID, Query, QueryTime, ItemRank, ClickURL. AnonID - an anonymous user ID number. Query - the query issued by the user, case shifted with most punctuation removed. QueryTime - the time at which the query was submitted for search. ItemRank - if the user clicked on a search result, the rank of the item on which they clicked is listed. ClickURL - if the user clicked on a search result, the domain portion of the URL i

Between the second quarter of 2022 and the third quarter of 2024, the number of records exposed to account breaches in Thailand fluctuated significantly. Over ******* datasets were reported as having been leaked in the third quarter of 2024, compared to around ******* during the same quarter of the previous year.

Pay attention to the following cybersecurity statistics to learn how to protect yourself from attacks.

Citizens’ concerns about data privacy and data security breaches may reduce adoption of COVID-19 contact tracing mobile phone applications, making them less effective. We implement a choice experiment (conjoint experiment) where participants indicate which version of two contact tracing apps they would install, varying the apps’ privacy preserving attributes. Citizens do not always prioritize privacy and prefer a centralised National Health Service system over a decentralised system. In a further study asking about participants’ preference for digital vs human-only contact tracing, we find a mixture of digital and human contact tracing is supported. We randomly allocated a subset of participants in each study to receive a stimulus priming data breach as a concern, before asking about contact tracing. Salient threat of unauthorised access or data theft does not significantly alter preferences in either study. We suggest COVID-19 and trust in a national public health service system mitigate respondents’ concerns about privacy.

In this document, comprehensive datasets are presented to advance research on information security breaches. The datasets include data on disclosed information security breaches affecting S&P500 companies between 2020 and 2023, collected through manual search of the Internet. Overall, the datasets include 504 companies, with detailed information security breach and financial data available for 97 firms that experienced a disclosed information security breach. This document will describe the datasets in detail, explain the data collection procedure and shows the initial versions of the datasets. Contact at Tilburg University Francesco Lelli Data files: 6 raw Microsoft Excel files (.xls) Supplemental material: Data_Publication_Package.pdf Detailed description of the data has been released in the following preprint: [Preprint in progress] Structure data package The folder contains the 6 .xls documents, the data publication package. Link to the preprint describing the dataset is in the description of the dataset itself. The six .xls documents are also present in their preferred file format csv (see Notes for further explanation). Production date: 01-2024---- 05-2024 Method: Data on information security breaches through manual search of the Internet, financial data through Refinitiv (LSEG). (Approval obtained from Refinitiv to publish these data) Universe: S&P500 companies Country / Nation: USA

Objective: The rapid adoption of health information technology (IT) coupled with growing reports of ransomware, and hacking has made cybersecurity a priority in health care. This study leverages federal data in order to better understand current cybersecurity threats in the context of health IT.

Materials and Methods: Retrospective observational study of all available reported data breaches in the United States from 2013 to 2017, downloaded from a publicly available federal regulatory database.

Results: There were 1512 data breaches affecting 154 415 257 patient records from a heterogeneous distribution of covered entities (P < .001). There were 128 electronic medical record-related breaches of 4 867 920 patient records, while 363 hacking incidents affected 130 702 378 records.

Discussion and Conclusion: Despite making up less than 25% of all breaches, hacking was responsible for nearly 85% of all affected patient records. As medicine becomes increasingly interconnected and ...

The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches that were being sold in the underground years ago. The format of the list is a standard text file sorted in non-case-sensitive alphabetical order. Lines are separated with a newline " " character. You can test the list without downloading it by giving SHA256 hashes to the free hash cracker or to @PlzCrack on twitter. Here s a tool for computing hashes easily. Here are the results of cracking LinkedIn s and eHarmony s password hash leaks with the list. The list is responsible for cracking about 30% of all hashes given to CrackStation s free hash cracker, but that figure should be taken with a grain of salt because s

Over *** billion personal data points were exposed during breaches in Russia in 2023. That was the highest figure over the observed period. To compare, in the previous year, the number of data points exposed stood at approximately *** million.

According to a January 2021 survey of adults worldwide, 66 percent of total respondents agreed on feeling that tech companies hold too much control over their personal data, while only six percent expressed disagreement with the statement. Consumers based in Spain, the United Kingdom, and the United States reported higher levels of concern over data control, with more than seven in ten people feeling that tech companies have too much control over their personal information. While surveyed consumers in Sweden, China, and Indonesia appeared to agree the least with the statement, still more than five in ten reported feeling that tech companies have too much control over their data.

Questionable ethics and security breaches put tech companies under scrutiny

Tech giants, and big tech in particular have been under focus in recent years when it comes to data privacy and consumer-related ethics. While Google has been recipient of not one, but a number of antitrust fines from the EU dating back to 2017, tech giant Yahoo fell victim to various data breaches that resulted in the exposure of 3 billion consumer records in total to date.

User skepticism is growing

No wonder public trust has faltered. The rise of ad-blockers, VPNs and privacy search engines show that consumers are more eager than ever to protect their data online. In the United States, alternative search engine DuckDuckGo saw a surge in popularity from April 2020 - around the start of the COVID-19 pandemic. Meanwhile, over half of those surveyed in the UK said that the public exposure of recent data breaches had impacted their willingness to share personal information. The global pandemic has also hit the tech industry, with companies in the tourism sector taking the biggest blow. Booking.com laid off the highest number of employees during 2020, a total of 4375 members of staff.

Full title: Using Decision Trees to Detect and Isolate Simulated Leaks in the J-2X Rocket Engine Mark Schwabacher, NASA Ames Research Center Robert Aguilar, Pratt & Whitney Rocketdyne Fernando Figueroa, NASA Stennis Space Center Abstract The goal of this work was to use data-driven methods to automatically detect and isolate faults in the J-2X rocket engine. It was decided to use decision trees, since they tend to be easier to interpret than other data-driven methods. The decision tree algorithm automatically “learns” a decision tree by performing a search through the space of possible decision trees to find one that fits the training data. The particular decision tree algorithm used is known as C4.5. Simulated J-2X data from a high-fidelity simulator developed at Pratt & Whitney Rocketdyne and known as the Detailed Real-Time Model (DRTM) was used to “train” and test the decision tree. Fifty-six DRTM simulations were performed for this purpose, with different leak sizes, different leak locations, and different times of leak onset. To make the simulations as realistic as possible, they included simulated sensor noise, and included a gradual degradation in both fuel and oxidizer turbine efficiency. A decision tree was trained using 11 of these simulations, and tested using the remaining 45 simulations. In the training phase, the C4.5 algorithm was provided with labeled examples of data from nominal operation and data including leaks in each leak location. From the data, it “learned” a decision tree that can classify unseen data as having no leak or having a leak in one of the five leak locations. In the test phase, the decision tree produced very low false alarm rates and low missed detection rates on the unseen data. It had very good fault isolation rates for three of the five simulated leak locations, but it tended to confuse the remaining two locations, perhaps because a large leak at one of these two locations can look very similar to a small leak at the other location. Introduction The J-2X rocket engine will be tested on Test Stand A-1 at NASA Stennis Space Center (SSC) in Mississippi. A team including people from SSC, NASA Ames Research Center (ARC), and Pratt & Whitney Rocketdyne (PWR) is developing a prototype end-to-end integrated systems health management (ISHM) system that will be used to monitor the test stand and the engine while the engine is on the test stand[1]. The prototype will use several different methods for detecting and diagnosing faults in the test stand and the engine, including rule-based, model-based, and data-driven approaches. SSC is currently using the G2 tool http://www.gensym.com to develop rule-based and model-based fault detection and diagnosis capabilities for the A-1 test stand. This paper describes preliminary results in applying the data-driven approach to detecting and diagnosing faults in the J-2X engine. The conventional approach to detecting and diagnosing faults in complex engineered systems such as rocket engines and test stands is to use large numbers of human experts. Test controllers watch the data in near-real time during each engine test. Engineers study the data after each test. These experts are aided by limit checks that signal when a particular variable goes outside of a predetermined range. The conventional approach is very labor intensive. Also, humans may not be able to recognize faults that involve the relationships among large numbers of variables. Further, some potential faults could happen too quickly for humans to detect them and react before they become catastrophic. Automated fault detection and diagnosis is therefore needed. One approach to automation is to encode human knowledge into rules or models. Another approach is use data-driven methods to automatically learn models from historical data or simulated data. Our prototype will combine the data-driven approach with the model-based and rule-based appro

The Asia-Pacific data center physical security market is experiencing robust growth, projected to reach $0.53 billion in 2025 and expand at a Compound Annual Growth Rate (CAGR) of 14.50% from 2025 to 2033. This surge is fueled by the increasing adoption of cloud computing, the proliferation of data centers across the region, and heightened concerns about data breaches and cyber threats. Key drivers include stringent government regulations mandating enhanced data security, the rising adoption of advanced security technologies like video surveillance, access control systems, and integrated security solutions, and the growing need for robust physical security infrastructure to protect against both internal and external threats. The market is segmented by solution type (video surveillance, access control, and others), service type (consulting, professional, and system integration services), and end-user sectors (IT & telecommunications, BFSI, government, healthcare, and others). The Asia-Pacific region, particularly countries like China, Japan, South Korea, and India, is witnessing significant investments in data center infrastructure, creating lucrative opportunities for physical security vendors. Market leaders like Axis Communications, Dahua Technology, and Bosch are actively expanding their presence in this rapidly evolving landscape. While the market presents significant opportunities, challenges remain. The high initial investment costs associated with implementing sophisticated security systems can act as a restraint, particularly for smaller data centers. Furthermore, the complexities of integrating various security technologies and managing a diverse range of security solutions pose challenges for data center operators. However, the increasing awareness of data security risks and the availability of cost-effective financing options are likely to mitigate these restraints. The market's future growth is expected to be driven by the adoption of AI-powered security solutions, the growing demand for managed security services, and the increasing focus on improving operational efficiency and minimizing downtime through integrated security solutions. The strong economic growth and rising digitalization in the Asia-Pacific region will further accelerate this market's expansion in the forecast period. This comprehensive report provides an in-depth analysis of the Asia-Pacific data center physical security market, covering the period 2019-2033. With a focus on the estimated year 2025 and a forecast period extending to 2033, this study offers invaluable insights for businesses operating in this rapidly expanding sector. The report leverages data from the historical period (2019-2024) to provide a robust understanding of market trends and future projections, valued in millions of units. Key search terms like data center security, Asia-Pacific security market, physical security solutions, access control systems, and video surveillance are integrated throughout to ensure maximum search engine visibility. Recent developments include: August 2023: Securitas signed an expanded 5-year agreement to provide data center security for Microsoft in 31 countries (including APAC countries), solidifying a strong relationship. The global agreement includes risk management, comprehensive security technology as a system integrator, specialised safety, and security resources, guarding services and digital interfaces. Securitas ensures that the data center physical security program remains innovative, robust, and effective. This demonstrates stability as a collaborator, assisting in navigating the challenges of Microsoft's expanding business., August 2023: Metrasens announced its partnership with Convergint. Through this partnership, Metrasens will provide its advanced detection systems through Convergint’s portfolio offering to its customers.. Key drivers for this market are: Increased Data Center Activities and Investment by the Hyperscale and Colocation Operators, Advancements in Video Surveillance Systems Connected to Cloud Systems. Potential restraints include: Increased Data Center Activities and Investment by the Hyperscale and Colocation Operators, Advancements in Video Surveillance Systems Connected to Cloud Systems. Notable trends are: The IT & Telecom Segment is Expected to Hold Significant Share.

The world has entered the era of the Code War where every digital device, however small and innocuous, can be “weaponised” – as the recent Dyn cyber-attack aptly illustrated – to send “rogue code” deep into the Internet's engine room to create mayhem.
Cybersecurity is critical to almost every business. Yet it is a non-core competence for most boards. The frequency of high profile corporate data breaches may accelerate because CEOs are not sufficiently trained in cyber risks.
Almost every cyber-breach is an “inside job” – whether malicious or accidental – so real-time behavioural analytics is becoming increasingly important as a defense.
Insidt this report, we look at the evolution, nature, growth in cybersecurity technologies and threat. Read More

Overview This dataset is a comprehensive, easy-to-understand collection of cybersecurity incidents, threats, and vulnerabilities, designed to help both beginners and experts explore the world of digital security. It covers a wide range of modern cybersecurity challenges, from everyday web attacks to cutting-edge threats in artificial intelligence (AI), satellites, and quantum computing. Whether you're a student, a security professional, a researcher, or just curious about cybersecurity, this dataset offers a clear and structured way to learn about how cyber attacks happen, what they target, and how to defend against them.

With 14134 entries and 15 columns, this dataset provides detailed insights into 26 distinct cybersecurity domains, making it a valuable tool for understanding the evolving landscape of digital threats. It’s perfect for anyone looking to study cyber risks, develop strategies to protect systems, or build tools to detect and prevent attacks.

What’s in the Dataset? The dataset is organized into 16 columns that describe each cybersecurity incident or research scenario in detail:

ID: A unique number for each entry (e.g., 1, 2, 3). Title: A short, descriptive name of the attack or scenario (e.g., "Authentication Bypass via SQL Injection"). Category: The main cybersecurity area, like Mobile Security, Satellite Security, or AI Exploits. Attack Type: The specific kind of attack, such as SQL Injection, Cross-Site Scripting (XSS), or GPS Spoofing. Scenario Description: A plain-language explanation of how the attack works or what the scenario involves. Tools Used: Software or tools used to carry out or test the attack (e.g., Burp Suite, SQLMap, GNURadio). Attack Steps: A step-by-step breakdown of how the attack is performed, written clearly for all audiences. Target Type: The system or technology attacked, like web apps, satellites, or login forms. Vulnerability: The weakness that makes the attack possible (e.g., unfiltered user input or weak encryption). MITRE Technique: A code from the MITRE ATT&CK framework, linking the attack to a standard classification (e.g., T1190 for exploiting public-facing apps). Impact: What could happen if the attack succeeds, like data theft, system takeover, or financial loss. Detection Method: Ways to spot the attack, such as checking logs or monitoring unusual activity. Solution: Practical steps to prevent or fix the issue, like using secure coding or stronger encryption. Tags: Keywords to help search and categorize entries (e.g., SQLi, WebSecurity, SatelliteSpoofing). Source: Where the information comes from, like OWASP, MITRE ATT&CK, or Space-ISAC.

Cybersecurity Domains Covered The dataset organizes cybersecurity into 26 key areas:

AI / ML Security

AI Agents & LLM Exploits

AI Data Leakage & Privacy Risks

Automotive / Cyber-Physical Systems

Blockchain / Web3 Security

Blue Team (Defense & SOC)

Browser Security

Cloud Security

DevSecOps & CI/CD Security

Email & Messaging Protocol Exploits

Forensics & Incident Response

Insider Threats

IoT / Embedded Devices

Mobile Security

Network Security

Operating System Exploits

Physical / Hardware Attacks

Quantum Cryptography & Post-Quantum Threats

Red Team Operations

Satellite & Space Infrastructure Security

SCADA / ICS (Industrial Systems)

Supply Chain Attacks

Virtualization & Container Security

Web Application Security

Wireless Attacks

Zero-Day Research / Fuzzing

Why Is This Dataset Important? Cybersecurity is more critical than ever as our world relies on technology for everything from banking to space exploration. This dataset is a one-stop resource to understand:

What threats exist: From simple web attacks to complex satellite hacks. How attacks work: Clear explanations of how hackers exploit weaknesses. How to stay safe: Practical solutions to prevent or stop attacks. Future risks: Insight into emerging threats like AI manipulation or quantum attacks. It’s a bridge between technical details and real-world applications, making cybersecurity accessible to everyone.

Potential Uses This dataset can be used in many ways, whether you’re a beginner or an expert:

Learning and Education: Students can explore how cyber attacks work and how to defend against them. Threat Intelligence: Security teams can identify common attack patterns and prepare better defenses. Security Planning: Businesses and governments can use it to prioritize protection for critical systems like satellites or cloud infrastructure. Machine Learning: Data scientists can train models to detect threats or predict vulnerabilities. Incident Response Training: Practice responding to cyber incidents, from web hacks to satellite tampering.

Ethical Considerations Purpose: The dataset is for educational and research purposes only, to help improve cybersecurity knowledge and de...

The U.S. outer continental shelf is a major source of energy for the United States. The rapid growth of oil and gas production in the Gulf of Mexico increases the risk of underwater oil spills at greater water depths and drilling wells. These hydrocarbons leakages can be caused by either natural events, such as seeping from fissures in the ocean seabed, or by anthropogenic accidents, such as leaking from broken wellheads and pipelines. In order to improve safety and reduce the environmental risks of offshore oil and gas operations, the Bureau of Safety and Environmental Enforcement recommended the use of real-time monitoring. An early warning system for detecting, locating, and characterizing hydrocarbon leakages is essential for preventing the next oil spill as well as for seafloor hydrocarbon seepage detection. Existing monitoring techniques have significant limitations and cannot achieve real-time monitoring. This project launches an effort to develop a functional real-time monitoring system that uses passive acoustic technologies to detect, locate, and characterize undersea hydrocarbon leakages over large areas in a cost-effective manner.

In an oil spill event, the leaked hydrocarbon is injected into seawater with huge amounts of discharge at high speeds. With mixed natural gases and oils, this hydrocarbon leakage creates underwater sound through two major mechanisms: shearing and turbulence by a streaming jet of oil droplets and gas bubbles, and bubble oscillation and collapse. These acoustic emissions can be recorded by hydrophones in the water column at far distances. They will be characterized and differentiated from other underwater noises through their unique frequency spectrum, evolution and transportation processes and leaking positions, and further be utilized to detect and position the leakage locations.

With the objective of leakage detection and localization, our approach consists of recording and modeling the acoustic signals induced by the oil-spill and implementing advanced signal processing and triangulation localization techniques with a hydrophone network.

Tasks of this project are: 1. Conduct a laboratory study to simulate hydrocarbon leakages and their induced sound under controlled conditions, and to establish the correlation between frequency spectra and leakage properties, such as oil-jet intensities and speeds, bubble radii and distributions, and crack sizes. 2. Implement and develop acoustic bubble modeling for estimating features and strength of the oil leakage. 3. Develop a set of advanced signal processing and triangulation algorithms for leakage detection and localization.

The experimental data have been collected in a water tank in the building of the National Center for Physical Acoustics, the University of Mississippi from 2018-2020, including hydrophone recorded underwater sounds generated by oil leakage bubbles under different testing conditions, such as pressures, flow rates, jet velocities, and crack sizes, and movies of oil leakages. Two types of oil leakages (a few bubbles and constant flow bubbles) were tested to simulate oil seepages either from seafloors or from oil well and pipe-line breaches. Two types of gases were investigated (nitrogen and methane). These data were analyzed for acoustic bubble modeling, oil leakage characterization, and localization.

This dataset contains programs and algorithms. The folders of the dataset are described as follows: • the folder of “signal processing programs†contains programs (LabView VIs) for instrument control, data acquisition, and signal processing. • the folders of “modeling algorithms†contains algorithms (Matlab m-files) for acoustic bubble sound modeling. • the folder of “localization algorithms†contains algorithms (MatLab m-files) for oil leakage source localization.

More details of this dataset can be found in the corresponding ReadMe files in each folder. Associated data may be found in S3.x911.000:0001 (bubble sound characterization and modeling data, doi:10.7266/3REPB7QM); S3.x911.000:0002 (test data, doi: 10.7266/NPYZ3XFV); S3.x911.000:0003 (raw sound data and validation of modeled source positions, doi: 10.7266/4S9EBZKX); S3.x911.000:0005 (imagery of the laboratory experiment, doi: 10.7266/BZY62EK0).

This database includes the code used to analyze and produce the results for the following research article: Minimizing Search Areas for Leak Detection in Water Distribution Networks by B. Snider, G. Lewis, A.S. Chen, L. Vamvakeridou-Lyroudia, S. Djordjevic, D.A. Savic. Journal of Hydroinformatics. (Accepted - awaiting publication).