We must face the fact that if we have an online business, it is inevitable that data breaches will occur. This is largely due to HUMAN ERROR. The weakest link in any technology change is a human being and low awareness of how to operate business systems securely.
In the past, I have been a bounty hunter in Blockchain security and chased down criminals who have stolen up to EU$50m in cryptocurrency. I am very familiar with how organised criminals operate, and how they exploit human weaknesses.
The number one human weakness exploit is to compromise an email address through phishing, which is fake websites that appear real to capture login details.
Second to this is hacks into databases which uncover your email and your password.
You can check if you email address and password have been sold online via distribution lists used by organised crime using the following link:
The best thing to do is do have a security audit performed on your business systems. Which involves checking FIREWALLS ARE ON, making sure that there is only one USER PROFILE on each machine with no secondary logins and then checking for MALWARE with the most up to date MICROSOFT and APPLE updates. If you fail to update your system with the latest updates, you system will be vulnerable to hacking, period.