State of (in)security - Week 3, 2026
Take action: Even if you are a cybercrime forum, you still need to be very careful about security practices. Probably even more so, because both criminals and law enforcement are watching. And there is no honor towards a cybercrime forum.
Learn More
In the week between Jan. 12, 2026, midnight and Jan. 19, 2026, midnight we witnessed a total of:
- 25 advisory/vulnerability events
- 21 incident/data breach events
Week over Week comparison of week 3 2026 vs week 2 2025 :
- Advisories and incidents are up. Advisories are up from 19 in week 2 2026 to 25 in week 3 2026. Incidents are up from 19 in week 2 2026 to 21 in week 3 2026.
- The number of known impacted individuals is up - from 19 million in week 2 2026 to 20 million in week 3 2026.
We also shared 1 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 20,673,158 impacted individuals across 4 incidents, with the largest breach being the Endesa Investigates Breach After Hacker Claims Theft of 20 Million Records incident exposing 20,000,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 5 |
| Education | 3 |
| IT/Software/Technology | 3 |
| Finance | 2 |
| Other | 1 |
| Retail | 1 |
| Transport/Logistics | 1 |
| Automotive | 1 |
| Utilities | 1 |
| Consulting/Professional Services | 1 |
| Food and Beverage | 1 |
| Insurance | 1 |
Read the Event Details of the Week
Knowledge
Vulnerabilities
- critical vulnerability | Adobe releases January 2026 patches for multiple products
- critical vulnerability | Advantech patches maximum-severity SQL injection flaw in IoT products
- critical vulnerability | AVEVA Process Optimization Vulnerabilities
- critical vulnerability | Axis Communications Patches Critical Flaws in Camera Management Software
- critical vulnerability | Critical authentication bypass in Güralp Systems seismic monitoring devices
- critical vulnerability | Critical directory traversal vulnerability reported in React Router and Remix
- critical vulnerability | Critical Flaw Reported in AWS CodeBuild
- critical vulnerability | Critical OpenSSH flaw exposes Moxa industrial switches to remote takeover
- critical vulnerability | Critical Security Flaws Reported in Delta Electronics DVP PLCs
- critical vulnerability | Critical SQL Injection and XSS flaws reported in Imaster business software
- critical vulnerability | Critical Unsecured Protocol Vulnerability Reported in Festo Industrial Firmware
- critical vulnerability | Fortinet patches critical remote code execution and data leak flaws
- critical vulnerability | Go Language Releases Security Patches for Multiple DoS and Memory Exhaustion Flaws
- critical vulnerability | Google patches 10 security flaws in chrome 144 update
- critical vulnerability | Google Vertex AI Flaws Allow Low-Privileged Users to Hijack Service Agents
- critical vulnerability | Meta Patches XSS Flaws in Conversions API Gateway Enabling Zero-Click Account Takeover
- critical vulnerability | Microsoft January 2026 Patch Tuesday fixes 114 flaws and actively exploited flaw
- critical vulnerability | Mitsubishi Electric and ICONICS Patch Critical Industrial Software Flaws
- critical vulnerability | OpenCode patches critical RCE flaw in Web UI
- critical vulnerability | Reprompt: The One-Click Attack Stealing Microsoft Copilot Data
- critical vulnerability | SAP January 2026 Security updates patches critical S/4HANA and RCE flaws
- critical vulnerability | ServiceNow patches critical AI Platform flaw enabling user impersonation
- critical vulnerability | Siemens Issues Fix for Maximum Severit flaw in Industrial Edge Devices
- critical vulnerability | Siemens Patches Critical Authentication Bypass in Industrial Edge Device Kit
- critical vulnerability | WhisperPair Flaw Enables Bluetooth Hijacking and Tracking
Incidents
- data breach | Hackers Claim Breach, 600 GB Data Theft from National Auto Loan Network
- data breach | Canopy Healthcare reports six month old data breach exposing patient and staff data
- data breach | Target developer infrastructure offline after alleged 860GB source code theft
- data breach | Bridgewater Law Group Reports Data Breach
- data breach | Pax8 Data Leak Exposes 1,800 MSP Partners
- data breach | Eurail Data Breach Exposes Passports and Bank Details of International Travelers
- data breach | Monroe University Data Breach Investigation
- data breach | Grubhub Reports Cyberattack, Possible Extortion
- data breach | CareOregon and Health Share of Oregon report data breach
- data breach | Bay Area Community Health patient data exposed in year-long third-party breach
- data breach | Betterment investment advisor reports data breach, crypto scam notification
- data breach | BreachForums data leak exposes 324,000 cybercriminal accounts
- data breach | Standard Sales Company reports data breach
- data breach | North Texas Preferred Health Partners reports data breach
- data breach | Victorian department of education reports data breach
- data breach | Endesa Investigates Breach After Hacker Claims Theft of 20 Million Records
- ransomware | Everest Ransomware group claims 900GB data theft from Nissan
- ransomware | Ransomware Attack Causes Patient Relocation at Belgian Hospital AZ Monica
- ransomware | Mid Michigan Medical Billing Service Reports Ransomware Attack, Data Breach
- ransomware | University of Hawaii Cancer Center pays ransom after data breach exposes SSNs
- ransomware | Kyowon Group hit by group-wide ransomware attack via exposed server
