The Disturbing Facts About Small Businesses That Get Hacked

Small Business

Small business owners who haven’t considered a thorough cybersecurity plan may soon find themselves without a business to protect. During the course of the global coronavirus pandemic, hackers have become more active and empowered than ever. And small businesses have historically had a difficult time recovering from a major security breach.

Through several catastrophic breaches, cybercriminals have gained access to more small businesses than ever before. It’s no longer a legitimate option to simply react to such attacks. Small business owners need to be proactive with their cybersecurity if they want to survive and thrive.

Security Breaches Can Be Devastating to Small Businesses

Innocent individuals and major corporations aren’t the only ones that need to worry about getting hacked. Small businesses are being targeted more than ever before, and the effects can be crippling.

According to CNBC, hackers targeted small businesses 43% of the time, which might be due to the fact that only 14% were prepared to defend themselves.

Different reports have rendered different estimates on the cost of these infiltrations, but none are cheap.

Check out this video on the growing costs of cybercrime:

Cybercrime could cost $10.5 trillion dollars by 2025

The Hiscox Cyber Readiness Report of 2019 stated that the average cost of a cyberattack on a business was $200,000. That’s certainly a tough pill to swallow. But it pales in comparison to the number created by the Ponemon Institute and IBM.

Their 2020 Cost of Data Breach Report stated that the average data breach cost $3.86 million in 2020. That would be a devastating number for many bigger corporations, let alone a small business.

And the fallout is real.

More Troubling Statistics About Small Businesses & Cybersecurity

According to the National Cyber Security Alliance, a whopping 60% of companies go out of business within six months after falling victim to a data breach. That makes total sense considering the high costs of such a breach. But what’s surprising, and tragic, is that most firms still don’t view cyberattacks as a legitimate threat.

Keeper Security’s 2019 SMB Cyberthreat Study found that 66% of senior decision-makers at small businesses believed they were unlikely to be targeted by criminals.

Small business owners need to wake up to the genuine threat of cybercrime. | Source: Twitter

An report drew from data gathered from CEOs of over 1,300 small to mid-size businesses. More than 60% of the firms didn’t have an up-to-date cybersecurity strategy or any strategy at all.

As cybercriminals get smarter and more active, small businesses will need to match their evolution or get left in the dust.

Why Do Data Breaches Cost So Much?

You might be wondering how these reports land on such high figures for the costs of a data breach. It starts with the cost of hiring experts. In most cases, firms will need to conduct a forensic audit to determine how they were infiltrated. Audits can cost anywhere from $10k to over $100k, depending on the size of the business.

In many cases where customer data is leaked, the firms can be fined tens of thousands of dollars for the breach.

Many companies pay the price in time. Each business must conduct a thorough investigation to determine how many people and how many aspects of their company were threatened by the attack. Each individual who may be at risk must be contacted, and that list can get quite large if, say, you own a restaurant and the data from all of your credit card transactions was leaked. If the breach is particularly sinister, aspects of the business may be forced to shut down altogether until the problem is fixed.

Check out this video detailing just how much a major cyberattack can cost:

How one ransomware attack cost £45m to fix - BBC News

But perhaps the biggest cost is reputation. In 2019, Deloitte determined that up to 90% of the total costs in a cyberattack occur ‘beneath the surface.‘ These hidden costs can affect businesses years after a breach. They include loss of trust in the business, diminished brand reputation, and increased costs concerning debt financing. And these costs are not covered by any insurance.

And then there are the potential costs of a cybercriminal asking for a hefty ransom in exchange for your leaked files. Although we recommend not paying ransoms, some firms will inevitably make a different choice.

In almost every case, businesses could greatly reduce costs simply by having a plan in place.

How Can You Protect Your Business?

The only way to protect your business is to be prepared. First and foremost, you should consult with a cybersecurity expert ( does provide those services). Budget allowing, you should have an expert in place to respond to any type of breach.

Small Business
Small business owners should be aware of news like this that could affect the security of their company. | Source: Twitter

But even if you can’t afford to hire a full-time cybersecurity position, there are simple steps you can take to mitigate risk.

  • Require long, varied passwords for any sensitive accounts
  • Enable two-factor authentication for any sensitive accounts
  • Invest in basic cybersecurity training so employees can avoid common pitfalls such as social engineering
  • Install and regularly update anti-virus software
  • Limit employees’ access to sensitive data
  • Conduct regular vulnerability tests and risk assessments

And if you think you’ve been hacked or you just want to get proactive on your cybersecurity journey, don’t hesitate to reach out to us.

Featured image by dp.VUE.images from

Aaron Weaver is the Head of Content for He has over 15 years of journalism experience. As a tech-savvy editor and researcher, he prides himself on journalistic integrity by providing cutting edge data backed by the latest science.

[email protected]

We have been recommended to clients by employees at FBI and local law enforcement in the United States. For references, please send us an email.


Read all of our reviews here.

Our Locations