The Privacy Rights Clearinghouse keeps a comprehensive Chronology of Data Breaches, and includes Type of Breach and Type of Business.
It gives you the threat vector (type) but does not include technical details.
I often check Google to research root cause technical details to understand the nature of a big hack, and the vulnerability. Sometimes it’s easy to track down good technical articles on the causes of the breach. Other times there does seem to be much disclosure, as the other answer suggests. No one wants to really say what vulnerability they left unprotected.