DataBreaches.net

https://databreaches.net/

Long-running independent breach tracker run by Dissent Doe; primary aggregator for breach disclosures (often the first to publish state AG breach-notification filings, hospital/clinic disclosures, education-sector incidents). WebFetch returns HTTP 403 (re-confirmed 2026-05-08; RSS at /feed/ also 403's). REQUIRED FETCH METHOD: `python3 tools/fetch_source.py url https://databreaches.net/` (host added to bridge allowlist 2026-05-08). NB: the bridge ALSO returns 403 from some egress IPs (the publisher's WAF appears to have IP-reputation rules in addition to UA filtering). If the bridge fails, surface as a coverage gap rather than retrying. Discovery layer: trace each breach back to the victim's own statement or regulator filing before citing. |. Sustained 403 = transport block, no demote; needs alternate-URL strategy or replacement. | 2026-06-20 full audit (v2.62): RECOVERED via the Chrome-138 UA + Sec-CH-UA client hints. FETCH → `feed https://databreaches.net/feed/` returns 200 with dated breach disclosures (the HTML homepage is still 403 — skip it). Discovery: trace each breach to the victim statement / regulator filing before citing. fetch_method bridge→rss; +ransomware. | 2026-06-20 v2.64 fetch-waste review: KEPT — the /feed/ RSS carries ~1.4 KB article bodies per item (readable without drilling). Confirmed full-content feed.