110 million Notion accounts, one hacker, one very bad week
A hacker has claimed responsibility for a breach of Notion, the productivity app used heavily across the tech industry, with 110 million user records reportedly exposed. It is one of the largest incidents of 2026 so far.
What makes this worse than a typical email dump is what people actually keep in Notion. Its users skew towards startups, tech workers and enterprise teams, and Notion pages routinely hold internal project notes, API keys pasted in for convenience, and sensitive business information. That is a far richer haul than a list of addresses.
Notion has not publicly confirmed the full scope at the time of writing. The breach also lands in a rough month for enterprise security, alongside separate incidents affecting Oracle PeopleSoft servers and ServiceNow, which together suggest the pace of large breaches is picking up.
What to do tonight
If you use Notion, search your workspace for anything sensitive: API keys, passwords, financial details, or credentials pasted into a page and forgotten. Rotate any keys you find. Then check whether your email shows up in known breaches using a service like Have I Been Pwned, and prioritise locking down the accounts that reuse the same password.
This story touches on a sensitive topic. If you are worried about your data after a breach, the calm first step is to check which accounts are affected and secure those first, rather than trying to fix everything at once.