"Launched on Thursday, Proton's Data Breach Observatory aims to scour the dark web for details of breaches that don't reach the likes of regulators' portals, or those that the affected organization simply hasn't acknowledged. Proton said in its announcement that the Data Breach Observatory will launch with a roundup of 2025's incidents to date, identifying 300 million individual records across 794 attacks."
"The Data Breach Observatory will feature only attacks that targeted lone organizations rather than such aggregated cases. Without this exclusion, the number of incidents it would have collected would be nearly double, and the number of affected records would be in the hundreds of billions, Proton said. The Swiss privacy biz said there isn't enough transparency around data breaches, and there is a growing market on the dark web for stolen details, such as credentials and sensitive personal information."
"In 49 percent of cases examined so far this year, passwords featured among the leaked datasets, and sensitive stuff like records related to government services or healthcare were found in more than a third (34 percent). Proton is aiming to update its Data Breach Observatory in near-real time, and responsibly disclose the attacks it finds on the dark web that may otherwise never have gotten the airtime they deserve."
Proton launched the Data Breach Observatory to scour the dark web for breaches that do not appear on regulators' portals or lack organizational acknowledgement. The observatory's initial roundup covers 2025 incidents to date, identifying 300 million individual records across 794 attacks. The dataset excludes aggregated infostealer dumps because those entries often contain duplicated, outdated, or mundane data. Only attacks targeting single organizations are included; including aggregated cases would nearly double incident counts and raise affected records into the hundreds of billions. Passwords appeared in 49% of leaks and government or healthcare records in 34%. The service aims near-real-time updates and responsible disclosure to help vulnerable small and medium businesses.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]