Category: Uncategorized

Dec 24, 2025The Hacker NewsPassword Management / Access Control

Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark web has become a reliable payday.

But in 2025, the data breaches that affected small and medium-sized businesses (SMBs) challenged our perceived wisdom about exactly which types of businesses cybercriminals are targeting.

This article will outline the learnings from key data breaches in 2025 as well as the most effective ways for SMBs to protect themselves in the coming year.

Examining the 2025 data breaches

Prior to 2025, large businesses were popular targets for hackers because of their large pools of resources. It was assumed that smaller businesses simply weren’t as vulnerable to cyberattacks because there was less value in attacking them.

But new security research from the Data Breach Observatory shows that’s changing: Small- and medium-sized businesses (SMBs) are now more likely to become a target. This change in tactic has been caused by large businesses investing in their cybersecurity and also refusing to pay ransoms. Cybercriminals are less likely to extract anything of value by attacking these businesses, so instead they’re turning to attacking smaller businesses.

While the payday may be smaller when attacking SMBs, by increasing the volume of attacks, cybercriminals can make up the shortfall. Smaller businesses have fewer resources to protect their networks and thus have become more reliable targets. Four in five small businesses have suffered a recent data breach.

• SMBs were the number one target for hackers in 2025, accounting for 70.5% of the data breaches identified in the Data Breach Observatory. This means that companies between 1 and 249 employees were the most vulnerable to cybersecurity breaches throughout the year.
• Retail, tech, and media/entertainment businesses were targeted most frequently.
• Names and contact information are the most common records to appear on the dark web, increasing the risk of phishing attacks targeting workers. Names and emails appeared in 9 out of 10 data breaches.

With these trends in mind, it’s likely that hackers will continue targeting SMBs in the new year. If your organization falls into this category, your risk of a data breach could be higher.

It’s not inevitable, however. By considering your business’s sensitive data, how it’s stored, and what you use to protect it, you can secure your organization.

How to avoid data breaches in 2026

Avoiding a data breach doesn’t have to be costly or complicated, as long as your business takes the right approach and finds the right tools.

Employ two-factor authentication

If all it takes to gain access to one of your business tools is a username and a password, your network is significantly easier to breach. Two-factor authentication (2FA) makes it harder for unauthorized individuals to gain access.

By introducing a secondary authentication method, such as an OTP code, security key, or biometric login, authentication and authorization take less time for your system, as well as increasing the barrier to entry.

Secure access control to your network

The principle of least privilege is a method used to decide who has access to what business tools and data. It dictates that any given team member should have access to strictly the necessary information they need to perform their role and nothing else. This approach to access control protects your organization by reducing the number of entry points into your network.

When access has been granted to strictly necessary team members, that access needs to be secured with good password hygiene. This includes creating strong passwords, not reusing passwords for multiple accounts, and ensuring that your business is notified if any of your data appears on the dark web. Strong and enforceable password policies support good password hygiene, and you can ensure that the dark web is regularly scanned for business data with a tool or service such as a password manager.

Store sensitive data securely

Leaked passwords and email addresses contribute to the risk that your employees will be targeted by phishing attacks or have their accounts compromised. Even a single compromised account can lead to a data breach.

Create a single, secure repository for every business credential by adopting a secure business password manager. With a password manager, every team member can safely generate strong passwords that meet your business’s password policy, autofill them on frequently visited websites and apps, and securely share credentials when needed. This secures all of these vital entry points into your business network.

Authorities at the Changi Airport in Singapore have seized a record amount of smuggled rhino horns.

What’s happening?

According to a joint press release from the National Parks Board and air cargo handler agency SATS, authorities seized a record 35.7 kilograms of smuggled white rhino horns, worth an estimated 1.13 million Singaporean dollars, or around $870,000 in the United States.

A SATS Cargo Acceptance staff member uncovered the horns, which had been hidden in a shipment of “furniture fittings” bound for Laos.

The discovery was made after the staff member detected a strong odor from the shipment on November 8, leading to an inspection from the Airport Police Division of the Singapore Police Force and NParks.

Authorities found 20 pieces of rhinoceros horns, as well as 150 kilograms of other animal parts. Further tests revealed that the horns belonged to White rhinos, a near-threatened species, according to the IUCN Red List.

As The Straits Times reported, SATS Cargo Acceptance staff member Vengadeswaran Letchumanan described the discovery of the rhino horns to the media.

“When they opened the box, [it was] very smelly,” Vengadeswaran said. “[I couldn’t] stand near the box. This is the first time I saw something like this.”

Why is the massive seizure of rhino horns concerning?

All rhinoceros species are protected, and efforts are in place to protect them from threats like poaching and illegal trade.

International treaties, such as the Convention on International Trade in Endangered Species of Wild Fauna and Flora, prohibit the trade of rhinos and their parts. This is an ongoing effort to preserve the future viability of all rhino species.

Before being designated a protected species, rhino populations saw a significant decline for decades. While some rhino species have experienced a population rebound, other species, like the black rhino, are still facing potential extinction.

But there is hope. In Indonesia, the Kambas National Park welcomed the birth of a Sumatran rhino, a critically endangered species. In Kenya, 21 black rhinos were released into their “rightful habitat” for the first time in 50 years.

“The illegal wildlife trade threatens the survival of endangered species, driving habitat destruction and biodiversity loss on a global scale,” said Dr. Anna Wong, senior director of wildlife trade for the National Parks Board.

“As a signatory to CITES, Singapore is committed to international efforts to combat the illegal wildlife trade to safeguard the long-term survival of these animals.”

What’s being done about illegal wildlife trade operations?

The illegal wildlife trade is a major contributor to the decline of global biodiversity, pushing countless species toward extinction. This can disrupt established ecosystems and lead to the introduction of invasive species that can further damage native species.

“NParks adopts a multi-pronged approach to enforce against illegal wildlife trade,” added Wong. “This includes working with agencies and partners like SATS to conduct checks at our border checkpoints, as well as conducting training to enhance skills and share expertise with counterparts on detecting smuggled wildlife and wildlife products.”

An effective way to reduce the impact of illegal wildlife trade is to decrease demand for unregulated wildlife products, especially those derived from threatened and endangered species. These products include ivory, exotic skins, and parts used in certain traditional medicines.

“We also urge the public to play their part by not purchasing wildlife parts and products,” said Wong.

Get TCD’s free newsletters for easy tips to save more, waste less, and make smarter choices — and earn up to $5,000 toward clean upgrades in TCD’s exclusive Rewards Club.