Privacy Rights Clearinghouse

Team Subscription Access (Updated 2026-05-17)

$4,500.00 USD

Sale Sold out

Purchase options Multi-user Year-long Access Multi-user Year-long Access (Academic)

Quantity

Privacy Rights Clearinghouse has tracked data breach notifications since 2005. The Data Breach Chronology aggregates breach notification filings from 21 state attorneys general and the U.S. Department of Health and Human Services into a single structured database. 99,289 records and growing, updated weekly.

Weekly updates for a full year. Your download link always serves the latest data. Email notifications on every update. Share across your entire organization. All formats included.

Weekly Updates
Always current breach data

Organization-Wide Access
Share with your entire team

Commercial Integration
Build products with the data

Three Formats
SQLite, Excel, CSV

Built for Integration

Delivery: Automated download link, same stable URL. Email notification on every update. SQLite, CSV, and Excel.
Provenance: All data sourced exclusively from public government filings. Full source URL traceability on every record.
Questions? [email protected]

65 Fields Per Record

Category	What's included
Organization	Normalized name, type (7 categories such as MED, BSF, GOV), subtype (86 classifications such as hospital-health-system, credit-reporting-agency, data-broker), and acceptable name variants for consistent entity tracking across the database.
Breach	Type (7 categories), subtype (36 specific methods such as ransomware, phishing, credential-stuffing), third-party vendor name when the breach originated at a service provider, and a narrative incident summary extracted from the notification letter.
Impact	Total individuals affected, state residents affected, and personal information exposed classified against the 13 information categories defined by the California Consumer Privacy Act (CCPA).
Dates	Reported date, breach start date, breach end date.
Location	Street address, city, state, zip, country, and geocoded latitude/longitude coordinates for spatial analysis.
Corporate identifiers	Where matches exist in public registries: SEC EDGAR (CIK + ticker), GLEIF LEI, NPI, IRS EIN, IPEDS, FDIC, NCUA, and Census Bureau ID. Coverage varies by organization type and the quality of information available in source filings.
Breach event grouping	When the same breach generates notifications in multiple states, or a shared vendor compromise affects many organizations, those filings are linked by a stable group identifier with pre-computed event-level aggregates: combined impact totals, merged timelines, per-organization breakdowns, and vendor event identification.
Source documentation	Original government filing URL, archived notification letter URL, and full extracted notification letter text (SQLite format only).

Complete field documentation (README.pdf) included with every purchase.

Try Before You Buy

1,000-record sample in all three formats:

SQLite | Excel | CSV

Used by researchers at more than 250 institutions across 26 countries. The Data Breach Chronology serves economists modeling supply chain risk, legal scholars studying enforcement gaps, security professionals tracking emerging threats, policy researchers studying patterns in data privacy, and cybersecurity platforms integrating breach intelligence into their products.

This purchase provides a download key valid for one year, allowing unlimited downloads of continuously updated data for all authorized users in your organization. The database updates weekly. The database may be used internally and integrated into your products, but may not be redistributed in its entirety.

View full details