Data breaches are on the rise(nouvelle fenêtre). For businesses, a single breach can result in stolen customer data, regulatory penalties, lost revenue, and lasting reputational damage. Luckily, your team can prevent most breaches with the right mix of security practices, technology, and awareness.
We explain what data breaches are, how they happen, what to do if one occurs, and the essential steps every business should take to keep sensitive data safe. This article covers:
- What is a data breach?
- How do data breaches happen?
- Who causes data breaches?
- Best practices to prevent data breaches
- What to do if you’ve had a data breach
- Frequently asked questions
What is a data breach?
A data breach occurs when unauthorized individuals gain access to sensitive information — such as customer records, financial data, intellectual property, or employee details. This can happen through hacking, insider threats, human error, or even physical theft.
Breaches can be intentional, for example, when cybercriminals steal data to sell, or unintentional, such as when an employee accidentally exposes files. Either way, the consequences can be severe.
How do data breaches happen?
Data breaches can occur in many ways, but they often trace back to preventable weaknesses. Here are some of the most common causes:
Phishing attacks
Cybercriminals trick employees into clicking malicious links or giving away login credentials through fake emails, messages, and voice calls.
Example: A data breach at Qantas(nouvelle fenêtre) exposed the personal details of 5.7 million customers, including names, email addresses, and phone numbers. The attack targeted a third-party call center — hackers will always try to exploit what they perceive to be the weakest link in a company’s security protocols.
Weak credentials
Failing to enforce strong passwords, not using multi-factor authentication (MFA), or granting excessive access rights can make it easy for attackers to break in.
Example: The 2024 Snowflake breach(nouvelle fenêtre) occurred when attackers exploited stolen credentials and gained access to accounts without MFA enabled. At least 160 clients of the cloud computing and analytics company were targeted, including Neiman Marcus, AT&T, Santander Bank, and Ticketmaster/Live Nation.
Misconfigured cloud storage or databases
Open or poorly secured cloud environments (like AWS S3 or Azure Blob containers) can unintentionally expose sensitive data to the internet.
Example: In 2025, a misconfigured Azure container at a recruiting firm exposed 26 million files(nouvelle fenêtre). These files were largely made up of US jobseekers’ resumes, which included names, addresses, emails, phone numbers, and employment histories.
Software vulnerabilities
Attackers exploit unpatched software flaws to run malicious code on your servers, gaining full control.
Example: A critical zero-day exploit was discovered in Microsoft’s SharePoint platform that allows hackers to access the on‑premises SharePoint Server software through an RCE vulnerability. With a severity rating of 9.8 out of a possible 10(nouvelle fenêtre), the issue affected hundreds of companies, including multiple US federal agencies.
Who causes data breaches?
Cyber criminals are the primary culprits. Attackers might target your employees, or they may go after perceived weaknesses in your third-party suppliers or contractors. In some cases, the data breaches could be caused by your employees themselves.
Third-party or supply chain breaches
Even if your systems are secure, a trusted vendor with weak security can create an entry point for attackers.
Example: LVMH (Louis Vuitton Moët Hennessy) was hit by a series of cyberattacks in 2025, with sensitive customer data including names, contact details, and purchase histories being accessed. While the method has not been released by LVMH, reports suggest(nouvelle fenêtre) that hackers targeted a third-party vendor with a voice phishing scam.
Insider threats and human error
Employees, whether careless or malicious, can cause breaches by mishandling data, sharing, credentials, or misconfiguring systems.
Example: A misconfiguration by Football Australia developers exposed personal data(nouvelle fenêtre) after they left plain-text Amazon Web Services (AWS) keys – including secret keys – hardcoded into the HTML page of the Football Australia subdomain. Data including players’ personal information, ticket purchase information, and internal infrastructure were leaked.
How to prevent a data breach: Best practices for businesses
Data protection isn’t a one-time task — prevention requires a layered approach that covers people, processes, and technology. Follow these best practices as a first step to mitigating your risks:
1. Don’t store data you don’t need
The single best way to prevent the leak of sensitive data is not to keep it in the first place. Data minimization is a core data breach prevention principle and is also a GDPR requirement(nouvelle fenêtre) for handling EU citizens’ data.
2. Strengthen access controls
Implement multi-factor authentication (MFA) across all systems and use role-based access to limit who can view sensitive data. When sharing files, regularly review and revoke unnecessary access privileges.
3. Encrypt data
Use end-to-end encryption to ensure that, in the event of a data breach, hackers can’t decrypt your data. Additionally, consider full-disk encryption for company devices and make secure cloud backups of critical information.
4. Patch and update systems
Apply software updates promptly to close known vulnerabilities and use automated updates for company devices. Monitor vendor security advisories for critical patches.
5. Train employees
Conduct regular cybersecurity awareness training, including phishing simulations, and make data protection part of your company culture. Create strong security policies mandating prompt updates and the frequent assessment of potential vulnerabilities.
6. Secure your supply chain
Vet third-party vendors for their security practices and require partners to meet your data protection standards. For this, you can create a vendor security checklist and define your must-have functionalities and data protection policies in your contracts.
7. Ensure your data backups are secure
Keep encrypted backups of critical data in the cloud and on premise. Automate full, incremental, and differential backups at regular intervals, so that you can revert to the last version without any significant losses, if the need to do so ever arises. And make sure you test your restoration procedures regularly to ensure they work — a backup is useless if you cannot use it to restore your data.
What to do if you’ve had a data breach
What if you’ve just learned that your business has suffered a data breach? Acting quickly can significantly reduce the damage and scope of a breach. You can be prepared for the worst with a tested, up-to-date breach response plan that gets activated as soon as a breach is detected. Assign clear roles and responsibilities for handling incidents, to ensure everyone knows what part of the process they’re responsible for and how to work with others successfully to limit damages.
Here’s a non-exhaustive list of things you can do:
- Identify and contain the breach: Disconnect affected systems to prevent further data loss.
- Assess the scope: Determine what data was accessed, who was affected, and how it happened.
- Notify the right parties: After confirming the breach, fulfill regulatory and contractual obligations by informing regulators, customers, and stakeholders.
- Remediate vulnerabilities: Patch systems, strengthen access controls, and review security policies.
- Learn and adapt: Conduct a post-mortem to prevent similar incidents in the future.
Protect your business against data breaches with the right tools
Having a data breach response plan prepared in advance can make this process far smoother — but it’s also essential to use the right tools to protect your business, and a strong business password manager plays a key role in this.
Proton Pass provides you with everything you need to centralize credential management, implement strong password policies, provide and revoke access, and share passwords securely within your team. Plus, we also provide Dark Web Monitoring — if your employees’ credentials are compromised in a data leak, you will receive an alert immediately.
Sign up today to secure your business data and prevent data breaches:
FAQ on data breach prevention
Are small businesses at risk of data breaches?
Yes — small and medium-sized businesses are often targeted because attackers expect weaker security defenses. It’s just as crucial for small businesses to ensure their data is encrypted and GDPR compliant as it is for large enterprises.
What’s the most common cause of data breaches?
The most common cause of data breaches is human error, such as employees falling for phishing scams, misconfiguring security settings, using weak passwords, or having the same password for different services.
Employees should complete regular training in how to create and store strong passwords and identify and report phishing and social engineering attempts.
How often should we review our security practices?
At least quarterly, or whenever new vulnerabilities or threats are discovered.
Is data encryption enough to stop a breach?
Encryption is crucial, but it’s not a silver bullet. A comprehensive security strategy combines encryption with robust access controls, effective monitoring, and thorough employee training.






