Each year, cybercriminals devise new methods to pilfer money and information from enterprises. Infiltrating a company’s network, extracting sensitive data, and vending it on the dark web has become a lucrative venture.
However, in 2025, data breaches targeting small and medium-sized businesses (SMBs) challenged conventional beliefs regarding the types of businesses cybercriminals target. These breaches shed light on vital learnings and the most effective strategies for SMBs to safeguard themselves in the upcoming year.
Reviewing the Data Breaches of 2025
Prior to 2025, hackers predominantly targeted large corporations due to their abundant resources. It was commonly assumed that smaller businesses were less susceptible to cyberattacks because they held less valuable assets.
Nonetheless, recent security research from the Data Breach Observatory reveals a shift in this trend: SMBs are now more prone to cyber threats. This shift is attributed to larger companies enhancing their cybersecurity measures and refusing to pay ransoms. Consequently, cybercriminals are turning their attention towards smaller businesses where they perceive vulnerabilities.
While the returns from attacking SMBs may be modest, cybercriminals compensate by increasing the volume of attacks. With limited resources to fortify their networks, smaller businesses have become prime targets, with four out of five experiencing recent data breaches.
An analysis of some notable data breaches and the affected companies reveals a pattern and highlights areas of weakness. Here are three significant SMB data breaches from 2025:
- Tracelo — Over 1.4 million records were stolen from this American mobile geolocation firm by a hacker known as Satanic. The compromised data, including customer names, addresses, phone numbers, email addresses, and passwords, were put up for sale on the dark web.
- PhoneMondo — Hackers infiltrated this German telecommunications company, pilfering over 10.5 million records. The leaked information encompassed customer names, dates of birth, addresses, phone numbers, email addresses, usernames, passwords, and IBANs.
- SkilloVilla — The team behind this Indian edtech platform failed to safeguard the extensive customer data collected, resulting in the leakage of over 33 million records on the dark web. Customer details like names, addresses, phone numbers, and email addresses were exposed.
Key Takeaways
Examining these breaches and the broader data breach landscape unveils trends that defined 2025:
- SMBs were the primary targets for hackers in 2025, accounting for 70.5% of the breaches recorded by the Data Breach Observatory. This underscores the heightened vulnerability of companies with 1 to 249 employees to cybersecurity threats.
- Industries such as retail, technology, and media/entertainment were the most frequently targeted.
- Names and contact information were the most prevalent records on the dark web, elevating the risk of phishing attacks on employees. Names and emails featured in nine out of ten data breaches.
Considering these trends, it is probable that hackers will persist in targeting SMBs in the forthcoming year. If your business falls within this category, the risk of a data breach may be elevated.
Nonetheless, with careful consideration of your business’s sensitive data, storage methods, and protective measures, you can bolster your organization’s security.
Preventing Data Breaches in 2026
Averting a data breach need not be arduous or expensive, provided your business adopts the right strategies and tools.
Implement Two-Factor Authentication
Relying solely on a username and password for access to your business tools exposes your network to significant vulnerabilities. Two-factor authentication (2FA) enhances security by requiring an additional authentication step, such as an OTP code, security key, or biometric login.
Introducing a secondary authentication method not only fortifies your system but also deters unauthorized access.
Enhance Access Control to Your Network
The principle of least privilege dictates that each team member should have access only to the necessary tools and data required for their role. This approach minimizes entry points into your network, thereby safeguarding your organization.
Furthermore, ensuring strong password hygiene, such as creating robust passwords and avoiding password reuse, is essential. Enforce stringent password policies and proactively monitor the dark web for any compromised data related to your business.
Safeguard Sensitive Data
Leaked credentials like passwords and email addresses heighten the risk of phishing attacks and unauthorized account access. Even a single compromised account can lead to a data breach.
By adopting a secure business password manager, you can centralize all business credentials in a secure repository. This tool enables team members to generate strong passwords, autofill them on websites, and securely share credentials when necessary, thereby fortifying crucial entry points into your network.
