The Hidden Costs of Data Breaches

October 08, 2025 • Resource
Posted by Jay Banerji, DFIR Director

When it comes to data breaches, the impacts go far beyond headlines and fines – there are many hidden, long-term costs.

In our recent webinar, The Hidden Cost of Breaches: How Compromised Data Fuels Targeted Attacks and Enterprise Disruption, Thales Cyber Services’ Director of Digital Forensics and Incident Response, Jay Banerji, highlighted how the cybercrime economy, regulatory shifts, and evolving attack tactics are reshaping the way businesses need to think about security. He also explored the importance of looking backwards to enhance organisational cyber security by undertaking compromise assessments.


Data breach reality: When fatigue sets in

Data breaches feel like old news. Headlines appear almost daily, yet public interest has dropped so sharply that most people barely click on breach notifications anymore. In fact, based on the breach incidents our team has supported, less than 2% of people engage with them.

This “data breach fatigue” has changed the game.

The risk of reputational damage that once posed an existential threat to impacted organisations has waned, and brands can recover more easily than ever before with clever marketing. Take Marks & Spencer, for example, which bounced back from a £400m loss after a serious cyber incident by marketing an Instagram-worthy strawberry sandwich.

But while the public shrugs, regulators are paying more attention to data breaches than ever before.

In Australia, the Office of the Australian Information Commissioner (OAIC) now has stronger enforcement powers following amendments to the Privacy Act. The core interest of regulators, however, is the protection of individuals: they act as the interested party on behalf of the public when the public itself is uninterested.

An area that is often neglected in discussions about breaches is the effect that breached data has on organisations’ future security posture – not just that of the affected entity, but also of its partners, suppliers, and clients. While most media and regulatory interest relates to personal information, the organisational information that is exposed still carries a real, substantial risk that needs to be considered.

What this means is that, now more than ever, minimum compliance is not fit for purpose. Organisations need to switch from ticking boxes to managing real risk.

The cybercrime economy: A supply chain of malicious actors

The technical barriers to entering cybercrime have never been lower: the rise of the Cybercrime-as-a-Service (CaaS) model means virtually anyone with an internet-connected computer can become a cybercriminal.

Gone are the days of cybercriminals primarily using the dark web – on surface web platforms like Telegram and Discord, technical experts act as service providers, establishing a well-oiled cybercrime supply chain.

This supply chain comprises:

  • Initial Access Brokers, who scan for and sell entry points.
  • Affiliates, who deploy exploits and facilitate entry to systems.
  • Operators, the branded cybercrime groups, which are known to splinter, shapeshift and re-emerge.

This supply chain complexity makes attribution of a cyberattack difficult, and mapping tactics, techniques, and procedures (TTPs) to a single “threat actor” creates false confidence.

Methods of harm maximisation, or “turning the screws” on victims, have also become more sophisticated. Today’s cybercriminals don’t rely on a single extortion demand. They pressure suppliers, customers, and even executives’ families. They extort individuals, charging as little as $5 to delete leaked personal data. And when extortion fails, stolen data is simply recycled, resold, and reused for future attacks.

AI is amplifying this problem, enabling attackers to mine and cross-reference massive datasets at scale. The result is a perpetual cycle of monetisation and targeting.

Looking backwards to move forward: Compromise assessments

A cybersecurity compromise assessment is a structured review of an organisation’s IT environment to determine whether it has been breached, is currently compromised, or contains signs of malicious activity that went undetected.

It is essentially a forensic-style health check to uncover evidence of threats in a system.

The key objectives of a compromise assessment are to detect past or ongoing intrusions, find signs of malware or other exploits, assess security gaps, and provide assurance that systems are secure.

By having insights into past intrusions, organisations can better prepare for the future.

Key takeaways: From compliance to resilience

  • Compliance is a baseline, not the end goal. True resilience comes from understanding incidents in context and addressing real risks.
  • Culture matters more than checklists. Security awareness and proactive strategies reduce vulnerabilities.
  • Data breaches ripple outward. Even if the direct reputational impact seems minimal, leaked data feeds cybercrime cycles that return as larger threats.
  • Shared responsibility. Because supply chains and digital ecosystems are interconnected, strong cybersecurity needs herd immunity.

Written by Jay Banerji
