Databases allow businesses to target audiences on social media, follow up with customers in CRMs, and file tax information for employees. However, the threat of a data breach can cost small businesses big time. Data breach insurance protects your business from the impact of liabilities due to lost or stolen data.

Learn the inputs and outputs of data breach insurance, how it differs from cyber liability insurance, and how to protect your business with cyber insurance.

What is a data breach?

A data breach occurs when sensitive or confidential data is viewed, shared, or stolen by an unauthorized individual without the knowledge of the database system’s owner. Data breaches can result from outside hackers attacking the system through malware or phishing scams, insider leaks from disgruntled employees, or unintended disclosure through negligence.

Typically, a data breach incident will begin with the attacker researching potential targets. For example, they will look for a weakness in the security system or trick an employee into sharing a password through a phishing scam. Then, they will attack the network and exfiltrate the data, holding the information for ransom, or using the data to commit fraud. The effects of a data leak can lead to liability claims, business interruptions and revenue loss.

Data breach insurance explained

The aftermath of a data breach can wreak havoc on your business. For example, you can lose the information you rely on to carry out daily business tasks and even face negligence claims from your customers.

Data breach insurance is designed to cover the financial impact of business liabilities associated with a data leak, helping protect your business from the cost of first-party claims.

What does data breach insurance cover?

Data breach insurance is a first-party coverage, meaning that it protects your business assets. It may include expenses associated with notifying affected parties, hiring a PR firm to communicate about the breach, or providing credit monitoring services.

It’s worth noting that data breach insurance tends to be less broad than a cyber insurance policy, which covers third-party claims and damages and settlements resulting from a cyber attack.

Why do businesses need data breach insurance?

As of 2021, U.S. data breach costs reached $4.24 million.1 When you think of data breaches, you may only picture them affecting large organizations, like social media corporations, credit card companies and government institutions. However, any business storing data on a physical hard drive or network is at risk for a data leak.

Data theft, ransomware extortion and business interruption can be devastating to small businesses. Data breach insurance helps protect small and large companies from liability claims and expenses associated with a data hack so they can get back to their keyboards.

What is cyber liability insurance vs. data breach insurance?

Cyber liability insurance and data breach insurance sound similar. So, when do you need each?

  • Data breach insurance only covers business losses related to company information and data theft. This type of policy may not cover all of the expenses associated with large-scale cyberattacks and other types of cybercrime.
  • Cyber liability insurance is a stand-alone policy that offers a wider range of protections for businesses affected by a cyberattack. This type of policy typically covers first and third-party liability claims, including equipment damage, lost revenue and attorney fees.

How much does data breach insurance cost?

As you might expect, the cost of data breach insurance will vary depending on your needs. Factors that influence cost include:

  • The amount of coverage
  • Your deductible
  • The size and nature of your business (including how much personal data you handle)
  • Business location
  • Whether or not you’ve had a previous breach
  • Level of security measures you have in place

With these factors in mind, premiums for small businesses start at several hundred dollars a year for basic coverage and rise from there.2 The effects of an uncovered cyber attack can cost shut your business down indefinitely and put you in financial debt.

What is not covered by data breach insurance?

While data breach insurance covers most of the liability expenses associated with a data leak, some things aren’t typically covered. For example, you may want to upgrade your security network after a cyber attack. While data breach insurance can cover equipment replacements, it usually does not cover upgrades.

Data breach insurance plans also don’t cover the indirect costs of a data leak, including lost revenue from compromised intellectual property or future profit loss from reputation damage.

Not to be confused with cyber liability insurance, data breach insurance also does not cover third-party financial loss, third-party property damage and costs related to your professional mistakes or omissions.

Cyber insurance: The ultimate backup drive

Most of us make a habit of saving our data on a backup drive. After all, we need a backup plan for when computers crash, phones break and things generally go awry. Data breach insurance is like the ultimate backup drive that can protect your business from the effects of lost or stolen data.

Cyber liability insurance reduces your exposure to the threats of a data breach and more. Cyber Insurance protects individuals and businesses from damages associated with online attacks and accidents, such as data breaches. Cyber liability insurance can cover you from costs related to lost or damaged data, loss of income, injured party compensation and more.

Small business insurance is another way to protect yourself. Click “Get a quote” or download the Thimble mobile app, answer a quick set of questions, and get covered within minutes.


  1. IBM. Costs of a Data Breach Report 2021. 
  2. Cyber Liability Insurance Cost.