Apropos of nothing, our data shows that organizations with "Lexis" in the name have impacted more than 41 million Americans since 2007, with no indication things are slowing down anytime soon.

Every database purchase lets us give free access to 2 underfunded researchers. This year we've granted $15K+ to folks working on everything from healthcare breach patterns to AI privacy risks. Get the database and support both our work and theirs: privacyrights.myshopify.com

This update includes major database improvements, too. We rebuilt grouping algos to better track when one breach generates multiple state filings, and enhanced our categorization models. We've processed 76,000+ notifications since 2005. Full database available at:
privacyrights.myshopify.com

Q1 saw 4 breaches exceed 1M records: Blue Shield (4.7M), DISA Global (3.3M), Community Health Center (1M+), and Southeast Lockton (1M+). We also tracked continued updates on earlier reported breaches: Infosys McCamish's 2023 breach tops the Q1 charts with 6M impacted:
privacyrights.org/data-breaches

Privacy Rights Clearinghouse Q1 2025 Data Breach infographic. Top section shows key stats: 876 breach notifications representing 658 incidents affecting 32.4M people. Center features a bubble chart where circle sizes represent breach impact - largest bubbles show Hacking (400 incidents) and Unknown (249 incidents) breach types, with Healthcare, Business Services, and Financial sectors prominently displayed. Top left includes a list of 10 largest breaches by number of impacted consumers, topped by a notification from Infosys McCamish having reported an updated notification for their 2023 breach indicating a total of 6M impacted. Center shows a US map with dots indicating breach locations, indicating hundreds of breaches across the country, though predictably denser in population centers. Bottom third displays a line graph of historical breach frequency from Jan-March 2025, showing fluctuating patterns with notable spikes. Color scheme uses red/pink for major categories, blue/gray for supporting data. Full statistical breakdowns are listed in side panels.

Here's our Q1 2025 infographic. Healthcare organizations experienced 215 incidents while combined business sectors saw 257. Hacking accounted for 61% of all incidents. Grab the full-res version for your reporting at privacyrights.org/resources-to...

We've just published our May update and Q1 2025 #databreach report. 876 breach notifications came in during Q1, representing 658 distinct security incidents that affected over 32M people. Blue Shield of California led the pack with 4.7M records exposed. Read on:
privacyrights.org/resources-to...

Summary graphic for the data breach chronology, updated March 7, 2025. 72,926 Data Breach Notifications tracked 26,026 Breach notification letters reviewed 8.20 billion individuals impacted

Another month, another... 130 data breaches recorded, impacting 6.9 MILLION. That brings the total for 2025 to 403 and counting.

Graphic showing screenshot of Data Breach Chronology website with 72,361 notifications tracked, 8.16 billion individuals affected, and 25,725 breach notification letters reviewed.

Excited to launch Data Breach Chronology 2.0—a comprehensive U.S. data breach database on #DataPrivacyDay 🔒🛡️ 70K+ breaches tracked, 6.64B records impacted.
Learn more: privacyrights.org/data-breaches