Please fill in the form below to subscribe to our blog

10 SMB Data Breach Statistics You’ll Want to See

November 18, 2021

These 10 SMB Data Breach Statistics Show What a Dangerous World It Is for Your Data 


A data breach is a nightmare for any company, and it’s one that more businesses in more industries are having to face today. About 85% of IT professionals foresee a data breach at their organization in the next 12 months. Cybercriminals are hungry for data that they can sell in booming dark web data markets for a hefty profit, spawning an unprecedented increase in data-focused cybercrime that’s rocking organizations of every size in every sector – and it isn’t going to stop anytime soon. 


Learn how to defeat terrifying cybersecurity monsters to keep systems & data safe in a dark world! READ IT IF YOU DARE!>>


10 SMB Data Breach Statistics You’ve Got to See 


  1. The number of recorded data breaches in 2021 has exceeded the total number of events 2020 by 17%, with 1,291 breaches in 2021 compared to 1,108 breaches in 2020 
  1. More than 60% of breaches result from misused, stolen or purchased credentials 
  1. An estimated 85% of data breaches involve a human element.  
  1. Phishing is the top threat action that results in a breach  
  1. The number of breaches that involve ransomware has doubled  
  1. 34% of data breaches involve internal actors 
  1. Over 80% of breaches are discovered by external parties. 
  1. An estimated 36% of organizations worldwide had a cloud data breach in the past 12 months 
  1.  74% of organizations in the United States have fallen victim to a successful phishing attack that resulted in a data breach in the last 12 months 
  1. The US is the leader in phishing-related data breaches for 2021 so far, with rates 30% higher than the global average, and 14% higher than the same period in 2020. 

90% of MSPs have had clients hit with a ransomware attack in the last 12 months. Help your clients build stronger defenses with the insight in Ransomware Exposed! DOWNLOAD NOW>>


The Cost of a Data Breach is Stunning & Remote Workers Make It Worse 


In this year’s IBM Cost of a Data Breach Report, researchers determined that the average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study.    

The cost of a data breach can change significantly depending upon the initial attack vectors including the top three most common: compromised credentials (20% of breaches), phishing (17%) and cloud misconfigurations (15%).   

The cost of a breach can be impacted by the type of data stolen or leaked, like customer personally identifiable information – the most frequently breached and the most expensive at $180 per record.   

The top country in the world for data breach costs in 2021 (so far) is the US with an average cost of $9.05 million.   

Thanks to the hot market for COVID-19 data in 2020, medical data is in second place as the most desirable data to snatch, and healthcare at $9.23 million is the industry with the most expensive data breach costs.   

Organizations that operate with 50% remote workers took an average of 316 days to identify and contain a data breach compared to the overall average of 287 days. 

Companies supporting a remote or hybrid workforce experienced an increase of up to $1 million more when a data breach occurred, with the highest rates of $4.96 million in comparison to $3.89 million. 


Are you ready to slay the Monsters of Cybersecurity? This checklist tells you what you’ll need to succeed! GET CHECKLIST>>


A Host of Factors Are Increasing Cloud Data Breaches 


Cloud Data Brings Complications

The State of Cloud Security 2021” asked IT professionals about the circumstances that influence a company’s chance of a possible cloud data breach and these were the factors that they pointed to: 

32% say too many APIs and interfaces to govern    

31% cite lack of adequate controls and database oversight   

27% point to lack of policy awareness around data security  

23% blamed old-fashioned negligence     

21% said they are not checking Infrastructure as Code (IaC) prior to deployment   

20% admitted outright that their IT team oversight is at fault 

Booming Dark Web Data Markets Drive Data Theft

Most Prevalent Types of Data Stolen in Breaches   

Credentials: 60%  

Personally Identifying Data (PII): 40%  

Medical Data: 10%  

Bank Data: 10%  

Internal Data: 10%  

Payment Data: 10% 

Source: Verizon Data Breach Investigations Report 2021 


security awareness training cuts costs represented by a bright blue-white digitized dollar bill on a red, white and navy background of computer code

Dive into a stream of new revenue with The Tools and Techniques for MSPs to Close More New Clients. WATCH NOW>>


Is Your Organization Ready to Protect Your Valuable Data? 


Protecting a business from increasing data breach risk can be a challenge, especially when you’re trying to do it n a budget. The ID Agent digital risk protection platform provides the tools that businesses need to stay safe from cybercrime, as these businesses discovered. Our solutions address operational issues as well as constantly rising cybercrime risk, enabling companies to get twice as much value out of security expenditures. That value doesn’t just stop at the point of purchase – we’re constantly innovating to keep you a step ahead of cybercriminals.

Passly includes an array of identity and access management tools cited by experts as key security moves that add immediate protection against human error disasters. Your savings and benefits begin immediately with robust functionality. Essentials like multifactor authentication and single sign-on make remote management and access control easy. Automated password resets will make your IT team happy and give them more time.  

Dark Web ID enables you to get a clear picture of your company’s credential compromise threats from dark web sources. Our 24/7/365 always-on monitoring alerts businesses to credentials appearing on the dark web that may have been stolen or phished to mitigate the risk of bad actors using a stolen password to gain access to your systems and data. Automated alerts and reporting means that your team doesn’t need to spend time staring at a dashboard or pulling reports.  

BullPhish ID improves your staff’s security awareness and increases phishing resistance. But they’ll learn about much more than just phishing including compliance, password safety, security hygiene and more, giving every employee a solid grounding in cybersecurity pitfalls and best practices. Choose from our plug-and-play complete training modules and phishing simulations or customize the content to reflect the unique industry risks those employees face daily.  

See them in action in these short demonstration videos: https://www.idagent.com/learn-more  

The ID Agent digital risk protection platform has the strong solutions that every business needs to protect their systems and data from today’s biggest threats. Contact our solutions experts today to learn how your business can benefit and receive a free, personalized demonstration.


Is Cryptocurrency risk one of 2021's biggest threats

Are you ready to fight back against cybercrime? See where 2021’s threats are coming from and what’s next. DOWNLOAD THE REPORT>>