Data Breaches of 2021: Top Cases & How to Improve Security
Every business had its ups and downs in 2021. We know you had some bad days, but did you have a “We just leaked the personal information of 533 million users!” kind of day?
Facebook woke up to this data breach nightmare in April. Meanwhile, data breaches grew by a massive leap of 17 percent between 2020 and 2021. And all the while, many of us in leadership roles picked up a drink, toasted our good luck, and thought things like, “Well of course someone like them got hit.”
Key Takeaways
- Data breaches grew by 17% between 2020 and 2021, and no business is too small to be a target.
- The value of your data or the ability to hold it for ransom is enough motivation for attackers regardless of your company’s size, profile, or industry. Many breaches are not caused by sophisticated external attacks but by employees who inadvertently leave access points open, making internal security training and access control just as critical as technical network defenses.
- Having an outside expert review your security strategy is one of the highest-return IT investments a business can make, as internal teams often cannot identify the blind spots they have grown accustomed to working around.
Take a look at this breakdown of the Top 10 Data Breaches of 2021 from Security Magazine, and ask yourself these questions:
- How many of these are you aware of?
- Did you know there were so many breaches of this audacity and scope in 2021?
- Are you still thinking this is more likely to happen to other companies?
If the answer to #3 is “yes,” stop what you’re doing. Go write this 100 times on the hardest-to-type-on device you can find so you never forget:
I will not underestimate my value as a target for hackers.
Even if you don’t have the bulk of information, the most sensitive information, or the most high-profile name, your business is at risk right now. Either your data itself or the ability to hold your data for ransom is of value to someone.
Have you considered your data breach defenses from all angles?
This overview on How Data Breaches Happen by Kaspersky is a fast read and an excellent barometer of your level of preparedness. Have you considered security from all of these angles? Many breaches are caused not by a hacker forcing their way in, but by an employee who leaves the door open by accident.
If there’s one area of IT where it pays to have an outside eye review your strategy, it’s security. Our engineers at Inteleca spend every day focused on network architecture for businesses and data centers and the challenges of securing them for a remote, mobile workforce. Contact us here, and one of our engineers will reach out to schedule a call.
FAQs
Why are small and mid-sized businesses at risk of data breaches?
Small and mid-sized businesses are frequently targeted because attackers know their security infrastructure is less mature than that of large enterprises. The value of customer data, financial records, and intellectual property does not scale with company size, but the defenses often do. Ransomware attacks target organizations where operational disruption is most painful, making smaller businesses with underdeveloped network architecture an accessible and attractive target. Retired hardware that has not been securely wiped through a certified ITAD process is another commonly overlooked exposure point that attackers can exploit long after a device leaves the office.
What are the most common causes of data breaches in businesses?
The most common causes include employee error such as clicking phishing links or misconfiguring access permissions, weak or reused passwords, unpatched software vulnerabilities, and improperly retired hardware that still contains sensitive data. A significant share of breaches stem from internal oversights rather than sophisticated external attacks, which is why proactive IT maintenance and monitoring is as important as perimeter defenses. Businesses managing a remote or mobile workforce face additional exposure as devices and network access points outside the office are harder to monitor and secure without proper segmentation and access controls in place.
How can businesses improve their data breach defenses?
Improving data breach defenses requires a layered approach covering network security architecture, access control, employee training, endpoint management, and a clear incident response plan. Regular security audits by an outside expert are particularly valuable as internal teams often overlook vulnerabilities they have grown accustomed to working around. Businesses should also ensure that retired IT equipment is securely wiped or physically destroyed as part of a certified disposition process, since residual data on decommissioned devices is one of the most consistently overlooked breach vectors across organizations of all sizes.
How does network architecture affect data security?
Network architecture directly determines how data flows through an organization, who can access it, and how effectively threats can be contained when they occur. A poorly designed network with weak segmentation or unsecured remote access points gives attackers a much larger surface area to exploit once they gain initial entry. Proper VLAN segmentation and role-based access controls limit the blast radius of any breach and make unauthorized lateral movement significantly harder. For businesses supporting distributed teams, ensuring the network is built to handle remote access securely is a foundational requirement that should be addressed before a breach occurs rather than after.

