- New Proton research finds that 71% of data breaches affect companies with fewer than 250 employees
- The results come from a new proton data leak observatory.
- In 2025, hundreds of billions of compiled records have already been affected.
New Proton research has found nearly 800 confirmed data breaches in 2025, resulting in the exposure of more than 300 million individual records.
According to the company, in 2025, including compilations, the company suffered more than 1,500 breaches, with hundreds of billions of records compromised. Unfortunately, small businesses are the ones least able to afford hacks, but they are also the most vulnerable.
Companies with 10-49 to 50-249 employees accounted for 48% of breach incidents, and firms with fewer than 10 employees accounted for another 23%, meaning the vast majority of incidents (71%) affected companies with fewer than 250 employees.
Retail trade under threat
It will come as no surprise, especially to UK readers, that retailers and wholesalers are the most frequently targeted industry, accounting for just over 25% of breaches. 2025 saw a series of high-profile cyber attacks on UK retailers. Coop and M&S attack the restoration reportedly cost around £300 million.
The most commonly compromised form of personal information is email addresses—the most basic information most sites collect when users register—which occurs 100% of the time.
Likewise, names (90%) and contact information such as phone numbers (72%) are also common components. Less common, but more serious, passwords were found in 49% of cases, and sensitive information such as medical or government records were involved in 34% of breaches.
Findings were discovered after launch Proton Data Leak Observatorya resource that tracks and reports breaches and cyberattacks based on darknet data.
While the numbers may not seem like much – “hundreds of billions” of exposed records signal that almost all of us have had our information compromised – most of us have had it multiple times.
The main danger of such violations is the risk identity theft – because criminals will use your information to obtain loans or credit cards.
We always advise vigilance and constant monitoring of accounts and bank statements to ensure everything is in order. You can also check if your information has been involved in any breaches by using the notification site. I was bannedso you can use this to measure your impact.
The best identity theft protection for any budget
