Home

VCDB

VCDB, short for Veris Community Database, is a publicly accessible repository of cybersecurity incident data collected and curated to support research and analysis. It uses the VERIS framework (Vocabulary for Event Recording and Incident Sharing) to describe incidents in a standardized, machine-readable format. The database focuses on publicly disclosed data breaches and privacy incidents, but also includes other security incidents when information is available.

The dataset aims to enable researchers and practitioners to compare incidents, identify patterns, and study trends

Historically, VCDB emerged from the Veris project and the broader open-security community as a practical implementation

Access and usage: The data is publicly available through the VCDB website and related repositories, with records

Relationship to VERIS: VCDB serves as a real-world, community-sourced companion to the VERIS framework, providing a

across
time,
sectors,
and
regions.
It
compiles
structured
records
that
typically
cover
fields
such
as
date,
victim
organization,
country
or
region,
breach
type,
assets
affected,
and
actor
or
threat
characteristics,
among
other
attributes.
The
emphasis
on
standardized
taxonomy
facilitates
quantitative
analysis
and
cross-study
comparability.
of
the
VERIS
framework.
It
relies
on
volunteer
contributions
from
researchers
and
practitioners
and
has
been
maintained
through
community-driven
releases,
making
incident
data
more
accessible
for
academic
and
industry
work.
commonly
provided
in
CSV
and
JSON
formats.
It
is
frequently
cited
in
academic
papers,
industry
reports,
and
security
analyses
that
address
breach
patterns,
incident
response,
and
risk
assessment.
Users
should
note
that
not
all
incidents
are
captured,
details
may
be
incomplete
or
uncertain,
and
licensing
or
attribution
terms
can
vary
by
release.
large,
standardized
corpus
of
incident
records
for
research
and
analysis.