Knowledge

State of (in)security - Week 1, 2026

Take action: Make sure all MongoDB database servers are isolated from the internet and accessible from trusted networks only. Then patch ASAP! If you can't update your MongoDB instance immediately, disable zlib compression.


Learn More

In the week between Dec. 29, 2025, midnight and Jan. 5, 2026, midnight we witnessed a total of:

  • 7 advisory/vulnerability events
  • 19 incident/data breach events

Week over Week comparison of week 1 2026 vs week 52 2025:

We also shared 1 practical knowledge items


Total impacted individuals via the events of the week

There were a total of 1,055,699 impacted individuals across 9 incidents, with the largest breach being the Illinois Department of Human Services leaks data of 700,000 people incident exposing 705,017 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.

Cause breakdown of incidents

CauseNumber of incidents
Malware, Ransomware and Related Attacks1
Third Party Compromise1

Industry breakdown of incidents

IndustryNumber of incidents
Healthcare5
Finance3
Consulting/Professional Services2
IT/Software/Technology2
Government2
Utilities1
Education1
Insurance1
Transport/Logistics1
Aviation1

 

Read the Event Details of the Week

Knowledge

Vulnerabilities

Incidents

State of (in)security - Week 1, 2026