By Vicky Sidler | Published 1 August 2025

If you’ve ever handed your email to a business and thought, “What’s the worst that could happen?”—well, here’s the worst: Every minute in Q2 2025, another South African user account was leaked.

That’s according to recent findings from cybersecurity firm Surfshark, which reported 369,600 breached accounts across South Africa in just the first half of 2025. It’s a big number—but here’s the kicker: it’s actually 23% lower than the previous quarter.

So... good news? Not quite.

TL;DR

• 369,600 South African accounts were breached so far in 2025

• Q2 saw 161,100 leaks—down from Q1, but still one every minute

• 53% of leaked accounts included passwords, opening the door to identity theft

• 66 out of 100 South Africans have already been breached since 2004

• Most breaches happen through businesses collecting everyday data—like emails and phone numbers

 👉 Need help getting your message right? Grab my free 5-Minute Marketing Fix. It’s a quick and easy tool to help you get clear and build trust fast.

It’s Not Just Your Email Anymore:

Surfshark’s data shows that every breached email came with an average of 2.9 additional data points. That’s your password, phone number, maybe even your physical address—floating around out there like confetti at a hacker’s intention-reveal party.

And it’s not just tech companies or shady websites. The biggest threats are the everyday ones. Your favorite takeaway joint. Your dentist. That place you booked a haircut once in 2021.

As Surfshark’s product manager Sarunas Sereika puts it:

“There is no guarantee that businesses are keeping crucial information safe and secure... In the wrong hands, this data can be used to commit identity theft, via social media, for targeted scams or sold on the dark web.”

So while you’re thinking, “I just run a small business, why would anyone come after me?”—the answer is: they already are, and it’s because you’re not taking this seriously.

What Small Businesses Get Wrong About Cybersecurity:

Most small businesses don’t think they’re a target, which is exactly why they are. Here’s what I see often:

• Weak passwords stored in spreadsheets

• No formal data policy

• Customer data handled like it’s a birthday RSVP list

• Zero backups, zero alerts, zero shame

And let’s be honest—if you’re using the same password for your banking app and your Canva login... we need to talk.

The Real Marketing Risk Behind Data Breaches:

If you think cybersecurity is IT’s problem, let me remind you of one thing: trust is your brand.

StoryBrand principle #1: if you confuse, you lose. But here’s the extension: if you leak, you lose faster.

Breaches don’t just expose data. They expose gaps in your systems, in your communication, and in the trust you’re asking customers to place in you.

You can’t run a “we care about our clients” ad campaign while their email is being auctioned off on the dark web.

Three Marketing Moves to Reduce Risk (and Build Trust):

As a Duct Tape Marketing Strategist, I’m all about systems that protect your reputation. Start with these:

1️⃣ Stop Collecting What You Can’t Protect:

If you don’t need a customer’s birthday, pet’s name, and mother’s maiden name—don’t ask. Simplify your forms. Reduce your liability.

2️⃣ Communicate Like a Human:

If something goes wrong, say so. Fast. A short, clear apology with helpful next steps beats silence every time.

3️⃣ Build Digital Hygiene Into Your Marketing:

• Update passwords quarterly

• Use a password manager

• Review who has access to what

• Store lead magnet downloads securely (Google Sheets does not count as secure)

These are boring. I know. But they’re like brushing your teeth—skip them long enough, and you’re in for a world of pain (and cost).

It’s Not Just a Tech Problem—It’s a Story Problem:

When someone lands on your site, fills out your form, or buys your product, they’re trusting you with more than their email.

They’re trusting that you have your stuff together.

Want to build trust? It starts with clear communication. That means your homepage, your lead magnets, and yes—even your data policies—should feel consistent, secure, and intentional.

If you can’t explain what you do in one clear sentence, you’ve got bigger problems than a leaky database.

That’s why I created the 5-Minute Marketing Fix—a free tool that helps you nail your one-liner, so you can build credibility fast.

👉 Get the 5-Minute Marketing Fix now

Because the best way to stay out of the headlines? Be the kind of business people trust—on the page and behind the scenes.