Small Businesses Face Rising Cybersecurity Threats, Report Finds
Small businesses are increasingly adopting cloud computing, AI, and digital tools to boost efficiency and competitiveness, but these advancements come with heightened cybersecurity risks. According to the Identity Theft Resource Center (ITRC) 2025 Business Impact Report, released in December, 81% of U.S. small businesses experienced a cybersecurity breach or data breach in the past year, with over half reporting financial losses between $250,000 and $1 million.
For small businesses operating on tight margins, such incidents can be devastating. Nearly 40% of affected companies were forced to raise prices to offset financial damages, underscoring the severe impact of cyber threats on operations and profitability.
The ITRC report highlights the disproportionate vulnerability of small businesses, which often lack the robust security infrastructure of larger enterprises. Common attack vectors include weak passwords, outdated software, and human error factors that can be mitigated with proactive measures.
While the report outlines seven key cybersecurity practices such as enforcing multi-factor authentication (MFA), regular employee training, and secure data backups it emphasizes that preventive steps are far less costly than recovery efforts. Without adequate safeguards, small businesses risk not only financial losses but also reputational damage and long-term operational disruptions.
Source: https://talkbusiness.net/2026/01/7-essential-cybersecurity-steps-for-every-small-business/
Identity Theft Resource Center - Nonprofit cybersecurity rating report: https://www.rankiteo.com/company/idtheftcenter
"id": "IDT1769504512",
"linkid": "idtheftcenter",
"type": "Breach",
"date": "6/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'location': 'U.S.',
'size': 'small',
'type': 'small businesses'}],
'attack_vector': ['weak passwords', 'outdated software', 'human error'],
'date_publicly_disclosed': '2024-12-01',
'description': 'Small businesses are increasingly adopting cloud computing, '
'AI, and digital tools, leading to heightened cybersecurity '
'risks. According to the ITRC 2025 Business Impact Report, 81% '
'of U.S. small businesses experienced a cybersecurity breach '
'or data breach in the past year, with over half reporting '
'financial losses between $250,000 and $1 million. Nearly 40% '
'of affected companies raised prices to offset financial '
'damages.',
'impact': {'brand_reputation_impact': 'reputational damage',
'financial_loss': '$250,000 - $1,000,000',
'operational_impact': 'price increases to offset financial '
'damages'},
'lessons_learned': 'Preventive steps such as enforcing multi-factor '
'authentication (MFA), regular employee training, and '
'secure data backups are far less costly than recovery '
'efforts.',
'post_incident_analysis': {'root_causes': ['weak passwords',
'outdated software',
'human error']},
'recommendations': ['enforce multi-factor authentication (MFA)',
'conduct regular employee training',
'implement secure data backups'],
'references': [{'source': 'Identity Theft Resource Center (ITRC) 2025 '
'Business Impact Report'}],
'title': 'Rising Cybersecurity Threats for Small Businesses',
'type': ['cybersecurity breach', 'data breach']}