After a data breach: 5-point plan for small businesses

Living in an era dominated by data, increasing numbers of small businesses are investing in robust security measures to protect themselves and their customers from those two dreaded words: DATA BREACH.

Sure to give any business owner the shivers, the consequences of a data breach can be incredibly painful. Significant revenue loss, irreversible damage to brand reputation, and loss of intellectual property are just some of the consequences you can expect with even a minor data breach.


As a small business that's fallen victim to a data breach, it can seem like the end of the world. However, there are a number of ways small businesses can rise from the ashes of a data breach.

In this blog, we'll cover:

Alarming statistics and emerging trends of data breaches

With more than six million data records exposed worldwide through data breaches during the first quarter of 2023, the following statistics only strengthen the need to put a comprehensive cybersecurity plan in place.

  • In the US alone, revenue in the eCommerce market is estimated to reach $1.4 trillion U.S. dollars by 2027.
  • The latest estimates show that, by 2028, the cost of cybercrime worldwide will reach $13.82 trillion U.S. dollars.
  • According to the Cybersecurity and Infrastructure Security Agency (CISA), more than 90% of all cyber attacks begin with phishing.
  • A recent cybercrime study reveals 43% of cyber attacks are aimed at small businesses, with only 14% prepared to defend themselves.
  • A recent consumer report shows that, in the U.S., 83% of consumers will stop spending with a business for several months in the immediate aftermath of a security breach, and over a fifth (21%) of consumers claim they will never return to a business post-breach.

What is a data breach?

A data breach is when confidential, sensitive, or protected information is compromised, leaked, or exposed to an unauthorized party. Even some of the most prestigious companies out there have fallen victim to a company data breach. 

From the earliest data breach that happened in 1984, where 90 million credit records were stolen from TRW credit reporting to Facebook's data breach in 2019 that impacted 533 million users, it seems no one is safe from the wave of data breaches crashing on our shores.

Eavesdropping is a rising problem for small businesses. But, as long as your business's internal IT infrastructure is secure, using VoIP technology is becoming increasingly popular for strengthening small businesses' defences against future data breaches. 

Moreover, VoIP numbers can be encrypted to prevent hackers from eavesdropping whereas analogue numbers cannot. So, a Vonage VoIP number, or similar, could be the answer. 

What are the 5 most common causes of data breaches?

As well as phishing, other common types of digital data breaches to watch out for include:

  • Malware

    Short for malicious software, malware is software programmed to take control of a system or device's operations. It is typically transmitted through malicious email attachments, hidden within click-bait ads, planted within suspect links, or embedded within a website.
  • Ransomware attacks

    Ransomware is a type of harmful malware software. It blocks access to a computer system until an amount of money is paid to release the data.

    In March 2021, one of the largest insurance companies in the US fell foul to the biggest ransomware payment. The Chicago-based business, CNA Financial, paid out an eye-watering $ 40 million to a hacker group based in Russia to restore its systems. Miraculously, even with such a sophisticated cybersecurity attack, they managed to fully recover.
  • Eavesdropping

    Eavesdropping is when a hacker digitally intercepts, modifies or deletes data by accessing it through an unsecured network. After recording sensitive data like passwords, files and financial information, hackers can then use that data for their own nefarious means.

  • Denial-of-service attacks (DoS)

    A DoS attack renders a machine or network unavailable to its intended audience. Typically, this is done by overloading the target with unnecessary traffic requests to flood or crash the system. Often politically or ideologically motivated, the reason behind a DoS attack is often difficult to comprehend.

  • eCommerce domain hijacking

    Security issues can also arise if an accredited registrar subcontracts to a non-accredited registrar, Most top-level domains (TLDs) allow anyone to transfer control of the domain from one registrar to another, which is convenient but adds to the risks. 

    If the worst happens and your eCommerce domain is hijacked, your registrar may be able to reverse the attack and restore your registration information. You can mitigate the risks by using a reputable domain registrar, enabling two-factor authentication and a domain registry lock, and using WHOIS protection to limit the amount of your personal data available on the web. 

What should be the first step if a data breach is suspected?

  • Keep calm

    First things first, keep a cool head! If you panic, you’ll only make the situation worse. Staying calm will not only streamline your communication with staff, customers, and stakeholders, it will also protect vital evidence that could be used to identify and capture the perpetrator further down the line.
  • Contain the data breach

    So, how do you effectively contain a data breach? Well, we've created this helpful checklist for quick reference. 
    • Report certain data breaches to the relevant supervisory authority

      Many countries around the world require this by law to protect personal information. For example, the UK GDPR has introduced a duty on all organizations to report notifiable personal data breaches to the relevant jurisdiction within 72 hours. Any longer, and you must provide reasons for the delay. 

      Small businesses without adequate GDPR training also put themselves at risk of suffering hefty fines.
    • Disconnect the network from the internet immediately 

      It’s best to disconnect all connected networks, systems, and devices as soon as a breach is discovered — even if you don’t yet know whether it’s internal or external. That way, the hacker won’t be able to continue using these systems. However, don’t start deleting data, as you’ll need the evidence to find out what happened.
    • Disable remote access capability and wireless access points

      You also need to remove remote and wireless access to your data, or at least restrict access only to those who absolutely need it. This will prevent cyber attackers from gaining access via employee permissions. 
    • Change all company passwords

      Lock credentials and save old passwords for further analysis. Using complex passwords with 10+ characters is recommended. Best practice for virtual phone number security starts with using secure passwords to access virtual phone systems that are regularly updated.

      Generally safer than analogue telephone lines, virtual phone numbers are increasingly popular with small businesses that wish to protect themselves from data breaches. So, it’s definitely worth looking into how to get a virtual phone number

      You could also add a security alert to your credit reports. This will alert lenders processing credit applications in your name that you may be at risk of fraud or identity theft. A fraud alert will stay on your credit report for one year and can be renewed when it expires.
    • Create a record of the whole incident

      Be sure to include how you discovered the suspected breach, the date and time, and all actions taken from the beginning to the end of the incident. This will also help you develop your own data breach response plan if you don't already have one. 

      If you can tick all of these points off within 48 hours of being hacked, there is light at the end of the tunnel for even the most catastrophic data breach.

What are the 5 steps to the data breach response plan?

Now you’ve contained the data breach, but how do you move forward? An effective data breach incident response plan should follow these 5 steps.

  1. Identify

    As we’ve briefly covered above, speed is of the essence when identifying company data breaches. Ways to identify, remove it from the system and start recovering include automated threat-detection tools and training your own Data Breach Response Team to spot suspicious activity.

    From choosing a secure password to protect documents to ensuring security updates are carried out, there are a variety of options to protect confidential information.
  2. Investigate

    To determine the extent of the damage, carry out an initial investigation. Document any sensitive data that may have been jeopardized.
  3. Immediate action

    Now you understand what's happened and how to quarantine the affected areas and begin the healing process. If you're looking to generate a secure, accessible, and unified storage system to protect your company's sensitive data, you could look into cloud data integration. Designed to bring data from a wide range of different sources, including customer interactions, cloud data integration can help you make better decisions all around.
  4. Interpret

    With all the relevant information in hand, the next step is to analyze it all. This will help you to unravel the extent of the breach, get to the root cause, and grasp the true scale of the data compromised.
  5. Improve

    So, you fully understand how the data breach transpired and should be confident that all unauthorized access points are closed. Depending on the type of data breach, long-term recovery plans should follow a similar route; diarise responsibilities, prioritize tasks, and designate duties. Initiating an effective time management schedule for each task will help you close the incident within a reasonable time scale for all parties affected.

To keep both employees and customers happy, ACD systems are helping increasing numbers of small businesses organize and manage overwhelming amounts of incoming calls. Often encrypted for maximum protection against hackers, ACD empowers your team to handle calls more efficiently and securely.

Take action to protect your business

There has never been a better time for small businesses to protect themselves from destructive data breaches and opportunist hackers. The answer? Well, your best bet is to put early preventive measures into place.

Most data breaches involve a human element in some way or another. Therefore, it’s also important to take a proactive approach to small business cybersecurity with compliance training for staff. Combined with robust security software that runs alongside firewalls, anti-virus, and anti-spyware software, and a comprehensive data breach incident response plan, you’ll have all bases covered in the fight against cybercrime.

CTA - Security Awareness Training