Recent BreachesData breach tracker

Recent Breaches › Developers

API & embeddable widgets

Recent Breaches publishes a free, open, CORS-enabled JSON API and a live embeddable widget so you can surface up-to-the-minute breach data on your own site, dashboard, or newsletter. No key, no signup — just a link back to Recent Breaches. Data is cached ~10 minutes.

ShareXLinkedInFacebookRedditWhatsAppTelegram

JSON API

GEThttps://recentbreaches.com/api/breachesLatest ~50 published breaches. Optional ?limit= (cap 200).
GEThttps://recentbreaches.com/api/indexThe live Breach Index aggregate (24h/7d counts, delta, records).
GEThttps://recentbreaches.com/api/kevLatest ~50 CISA Known Exploited Vulnerabilities. Optional ?limit=.
GEThttps://recentbreaches.com/api/healthService health check ({"ok":true}).
GEThttps://recentbreaches.com/feed.xmlRSS 2.0 feed of the latest breaches (alias: /rss).

Example: /api/index

{
  "index_today": 138,
  "delta_pct": 38,
  "count_24h": 11,
  "count_7d": 52,
  "baseline": 7.4,
  "ransomware_7d": 19,
  "records_leaked_7d": "4.2M",
  "critical_7d": 6,
  "updated": "2026-07-11T12:00:00Z"
}

Example: /api/breaches

[
  {
    "title": "Example Corp data breach",
    "organization": "Example Corp",
    "slug": "example-corp-data-breach",
    "url": "https://recentbreaches.com/breach/example-corp-data-breach",
    "severity": "high",
    "date": "2026-07-10"
  }
]

Example: /api/kev

[
  {
    "cve": "CVE-2026-12345",
    "vendor": "Acme",
    "product": "Gateway",
    "name": "Acme Gateway RCE",
    "dateAdded": "2026-07-09",
    "dueDate": "2026-07-30",
    "ransomware": true,
    "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12345"
  }
]

Every endpoint sends Access-Control-Allow-Origin: * and a 10-minute public cache. Endpoints never error out — on trouble they return a JSON {"error":"…"} body with a 200 status.

Embeddable Breach Index widget

Drop the live Breach Index (headline number, 24h delta and the five latest breaches) onto any page with one iframe. It is self-contained, dark, and mobile-friendly:

Copy-paste embed snippet:

<iframe src="https://recentbreaches.com/embed/breach-index" width="340" height="420" style="border:0" loading="lazy"></iframe>

RSS feed

Subscribe to the latest breaches in any reader, or pull them server-side, via https://recentbreaches.com/feed.xml (alias /rss).

Building something with our data?
Attribution (a link back to recentbreaches.com) is all we ask. Check your own exposure while you’re here.
Check if you’re exposed →