How many data breaches did we see in the first quarter (Q1) of 2026? With 2025 being a record-setting year for data breaches, we can only go up, right? I will tell you! Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for April 17, 2026.
I'm Alex Achten, Vice President of Media Relations for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we review the latest events and trends in data security and privacy. Today, we will examine our Q1 2026 data breach analysis.
I'm Alex Achten, Vice President of Media Relations for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we review the latest events and trends in data security and privacy. Today, we will examine our Q1 2026 data breach analysis.
Show Notes
Follow on LinkedIn: linkedin.com/company/idtheftcenter/
Follow on Instagram: instagram.com/idtheftcenter/
Follow on Facebook: facebook.com/IDTheftResourceCenter/
Follow on X: twitter.com/IDTheftCenter
Follow on TikTok: www.tiktok.com/@idtheftcenter_
Show Transcript
How many data breaches did we see in the first quarter (Q1) of 2026? With 2025 being a record-setting year for data breaches, we can only go up, right? I will tell you! Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for April 17, 2026. I'm Alex Achten, Vice President of Media Relations for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we review the latest events and trends in data security and privacy. Today, we will examine our Q1 2026 data breach analysis.
Before we do that, let’s look back at the last time we broke down our data breach data. It was in our 2025 Annual Data Breach Report. It did not paint a pretty picture. To recap:
The number of data compromises in 2025 (3,322) increased by five (5) percent compared to 2024. In fact, the ITRC set a record for the number of data compromises tracked in a year, up four (4) percent from the previous all-time high in 2023, and a 79 percent jump over five years.
Seventy (70) percent of data breach notices (2,324) did not include attack information, compared to 65 percent in 2024 and 45 percent in 2023.
The Financial Services industry was the most breached (739 compromises), followed by Healthcare (534 compromises), Professional Services (478 compromises), Manufacturing (299 compromises) and Education (188 compromises).
Is there any good news in the data breach data that we saw in the first three months of this year? We saw a lot more of the same. In Q1, the ITRC tracked 780 compromises, leading to just under 140 million victim notices. The good news is that we saw 57 fewer breaches in Q1 2026 versus Q1 2025. The bad news is that a pace of 780 breaches per quarter would still result in over 3,100 breaches.
While Q1 2026 saw fewer breaches than Q1 2025, it saw nearly 45 million additional victim notices. This is in large part due to a data event that affected Under Armour and resulted in 72.7 million victim notices. Other top compromises in the quarter highlighted in the ITRC’s Q1 2026 data breach analysis include SoundCloud (29.8 million victim notices), CarGurus (12.5 million victim notices), Panera Bread (5.1 million victim notices) and QualDerm Partners (3.1 million victim notices).
The Financial Services industry remained the most breached, with 166 compromises reported from January through March. However, Professional Services surpassed Healthcare for the number two spot with 12 more compromises (122 compared to 110). The Manufacturing industry saw 80 compromises, while the Education industry experienced 43 compromises.
Unfortunately, 79 percent of public data breach notices in Q1 lacked actionable information. That is up 11 percent from Q1 2025 and nine percent from full-year 2025. This leaves us more vulnerable than we have ever been to an identity crime.
As the title of this episode states, for most people in the U.S., it is not a matter of if, but when they will get a data breach notice. In fact, it’s not even a matter of when, but of how many notices they will receive. Data breaches continue at a rapid pace, and the information in most of these notices isn't enough for us to know what really happened.
We have to assume we have all been impacted and protect ourselves.
To start, freeze your credit, whether or not you have received a victim notice. There is nothing that you can do to protect yourself that will make a bigger impact.
Also, practice good cyber-hygiene by switching to passkeys when they are offered and using a unique 12+ character passphrase on each account when not. For accounts with passphrases, use multi-factor authentication whenever available to provide an added layer of security. If you are curious about whether you’re practicing good cyber-hygiene, you can take our quiz. Visit www.idtheftcenter.org and click on the banner at the top of the website that reads, “Take Our Quiz.”
The ITRC will continue to track the latest data breaches and trends and bring you the details in our monthly newsletter, In the Loop, and in our quarterly data breach newsletter. You can subscribe to them by visiting our website, www.idtheftcenter.org, and clicking on “Newsletter” under the “Resources” tab.
If you want to know more about how to protect your business or personal information or think you have been the victim of identity theft, fraud or a scam, you can speak with an expert ITRC advisor on the phone, via text message, chat live on the web, or exchange emails during our normal business hours (6 a.m.-5 p.m. PT). Just visit www.idtheftcenter.org to get started.
Thanks again to Sentilink for their support of the ITRC and this podcast. Please hit the like button for this episode and subscribe wherever you listen to your podcasts.
Next week, we will have an episode of our sister podcast, the Fraudian Slip. We will hear from a victim of identity theft as they share their story with ITRC CEO Eva Velasquez. We will return in two weeks with another episode of the Weekly Breach Breakdown. I’m Alex Achten. Until then, thanks for listening.
