If you’re an especially optimistic person who tries to find the positive in negative events, you might be inclined to think of data breaches as not being particularly bad. Sure, ransomware attacks and other hacking incidents may cause companies to lose data, suffer reputational harm, and even pay fines or penalties. But at least the businesses keep operating, right?
The answer, unfortunately, is “not always.” Although many of the most infamous hacks that have taken place in recent years haven’t forced their targets to go out of business, some attacks do become existential threats that force companies to shutter. The organizations lose so much data that is critical to their operations, or face such steep financial repercussions, that they have no choice but to close entirely.
To prove the point, here’s a look at five major hacks this decade that ended in worst-case scenarios from a business perspective. As we’ll emphasize, these are also lessons in why effective data protection capabilities are so critical not just as a means of minimizing disruptions, but also of safeguarding the very viability of your business itself.
1. TravelEx ransomware attack (2020)
In early 2020 – as Covid-19 was spreading and most of the world was still enjoying the final weeks of “before times” – the foreign currency exchange company TravelEx experienced a ransomware attack that shut down its operations in 30 countries. The attackers demanded $6 million (some sources reported $3 million) in ransom to restore the company’s data.
The company apparently negotiated with the attackers, who agreed to settle for a payment of $2.3 million. But like the 92 percent of companies that pay ransoms without fully recovering their data, TravelEx wasn’t able to go back to normal after settling up with the hackers. Instead, it ended up restructuring, effectively going out of business.
It’s worth noting, too, that TravelEx apparently had a cyber insurance policy in place before the attack. But that was not enough to cover the serious losses it incurred from the disruption to its operations.
In the fallout of the incident, TravelEx executives stated that the company might have managed to weather the attack if not for the onset of the Covid-19 pandemic, which (by causing a major slowdown in global travel and hence in the need for foreign currency exchange) resulted in substantial revenue losses independent of those stemming from the ransomware incident. That seems plausible.
Equally plausible is that, had TravelEx backed up its data and had an effective disaster recovery plan in place before the attack, it likely could have restored its systems without paying the ransom. And perhaps then the company would have been in a better position to survive the ensuing Covid crisis.
2. MediSecure breach (2024)
In July 2024, MediSecure, which provides electronic prescriptions in Australia, announced that it had experienced a breach that compromised the records of 12.9 million people – nearly half the population of the country.
According to the limited publicly available information about how the breach happened, it appears that threat actors exploited a vulnerability to plant ransomware within MediSecure’s IT estate. Then, they encrypted sensitive patient data and demanded a ransom to release it.
It’s unclear whether MediSecure actually paid the ransom, but it probably doesn’t matter much because the attackers used the stolen data to launch other attacks against individuals whose personal information they had compromised.
Following the incident, MediSecure requested a financial bailout from the Australian government, presumably to protect itself against the potential of lawsuits from affected parties seeking to hold the company responsible for the exposure of their personal information. The government declined the request, and shortly after, MediSecure entered a state called “administration” – which effectively means that it is being reorganized, and may cease operations once it finishes responding to the fallout from the breach.
The takeaway: Encrypt sensitive data – including sensitive information stored in backups, which should also be immutable to ensure that attackers can’t tamper with them. Although it’s not entirely clear whether encrypted backups would have prevented the MediSecure breach, they certainly wouldn’t have hurt. At a minimum, they would have helped ensure that if the attackers targeted backups as a way of accessing sensitive information, they wouldn’t have been able to do so without the decryption key.
3. Discord.io hack (2023)
In an example of an incident where a business shut down without even having its data held for ransom, Discord.io announced in August 2023 that it was ceasing operations. The announcement followed a major hacking event in which threat actors obtained access to the company’s main customer database and offered it for sale.
It’s unclear whether the database, which contained personal information about approximately 760,000 Discord.io members, was ever actually sold. Nonetheless, the company (which provided custom invitations for the Discord messaging platform, and which operated independently from Discord itself) apparently chose to shut down – presumably in a bid to avoid lawsuits linked to claims of improper management of sensitive data. In other words, Discord.io seems to have seen the writing on the wall and figured that rather than waiting to be sued into bankruptcy, it might as well just go ahead and go out of business right away.
Because this hack apparently stemmed from a compromise of a production database rather than backups, it’s not clear that stronger investment in data backup and recovery would have saved the company. Still, data protection and the ability to weather (or avoid) major hacks like this one tend to go hand-in-hand: If you take steps to back up data properly, it’s likely that you enjoy a stronger overall security posture and a higher level of business resilience, too.
4. National Public Data (2024)
In August 2024, National Public Data, which collects and processes information for background checks, announced the exposure of 2.9 billion records containing personal information associated with up to 170 million people. It appears the attack occurred because hackers located a zip file on the company’s website giving them access to its databases. Several months later, the company filed for bankruptcy and shut down due to the financial impact of the breach.
As with some other recent data breach incidents, it’s not clear that backups alone would have saved National Public Data from closing. But they would have been one key step in a broader cyber hygiene strategy that might have prevented dangerous practices like storing access credentials in zip archives.
5. Code Spaces (2014)
The Code Spaces story is one we’ve spoken about previously. Although it happened more than a decade ago, it’s worth revisiting because it’s still just as devastating today, given how preventable the consequences of this breach were. The team at the source code hosting service woke up one morning to discover that hackers had infiltrated their Amazon Web Services control panel. The hackers then demanded a hefty ransom in exchange for returning control of the company’s own systems. This turned into a terrifying 12-hour period as the team watched their entire digital existence begin to disappear. Code Spaces discovered that the hackers had launched a DDoS attack and then infiltrated its Amazon EC2 control panel. The hackers destroyed not just the company’s primary data, but even its backup systems – including cross-region backups meant to be its safety net.
When N2W customers heard about this story, many reached out as they finally understood that their data and snapshots must be stored in an entirely separate AWS account. If Code Spaces had done this, its backup data would have been safe, and there would have been no worry that a hacked account would lead to snapshot and data deletion.
When the dust finally settled, the damage was catastrophic and the company couldn’t sustain itself. It never recovered, becoming a stark reminder that losing your backup data can mean losing everything.
Protecting your data – and your business
To be sure, breaches that result in the total dissolution or restructuring of companies are relatively rare. Most businesses manage to survive cyberattacks, even if they permanently lose data.
But the examples above prove that closures as a result of breaches can and do happen – and they serve as a reminder of why effective data protection is so critical not just for avoiding fines or bad headlines about your business, but for ensuring that it’s able to maintain operations in the wake of hacks.
To avoid letting your company fall victim to an existential data breach, invest in advanced data protection practices such as:
- Systematic data backup: Regularly back up data based on a schedule that reflects your company’s RPO and RTO needs. Doing so ensures that you have data backups on hand that are recent enough to restore your operations without loss of critical information.
- Immutable backups: Creating immutable backups helps ensure that if attackers manage to access your backup data in addition to your production systems, they won’t be able to delete or tamper with the backups – so you’ll still be able to perform a successful recovery.
- Cross-region backup: Cross-region backup adds another layer of assurance for protecting cloud-based workloads and data by allowing you to restore operations quickly using a different cloud region in the event that your primary region is impacted by an outage or attack.
- Cross-account backup: Cross-account backup, too, enhances data protection by making it possible to restore data across accounts so that if one account is compromised, you can quickly restore operations using a different account.
- Network cloning: To restore operations quickly following an incident, recovering just your data is often not enough. You also need to be able to restore network settings – which is why you should clone network configurations at the same time that you back up workloads.
- Disaster recovery planning: Plan ahead for how you’ll respond when a ransomware incident or other threat strikes. The better you plan for all possible attack and recovery scenarios, the greater your ability to restore business operations quickly and comprehensively enough to avoid compromising the viability of your organization.
- Cross-cloud disaster recovery: For organizations that have implemented a multicloud solution, it’s imperative to take advantage of cross-cloud air gapping. The future of multicloud means not being reliant on one vendor while simultaneously being cost-efficient.
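The first four items on this list can be checked mechanically against a backup inventory, including the Code Spaces case of cross-region copies that all live in the compromised account. The following is an added example, not part of the original article or any vendor's product; the inventory, its field names, the account IDs and the 24-hour RPO are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample inventory. Field names and account IDs are hypothetical,
# not a cloud provider's API schema; populate from your own backup inventory.
NOW = datetime(2024, 9, 1, 12, 0, tzinfo=timezone.utc)
RPO = timedelta(hours=24)  # assumed recovery point objective
PRIMARY = {"account": "111111111111", "region": "us-east-1"}

def backup_copy(account, region, age_hours, immutable):
    return {"account": account, "region": region,
            "created": NOW - timedelta(hours=age_hours), "immutable": immutable}

INVENTORY = {
    # Cross-region but same account, nothing immutable.
    "orders-db": [backup_copy("111111111111", "us-east-1", 2, False),
                  backup_copy("111111111111", "eu-west-1", 3, False)],
    "repo-store": [backup_copy("111111111111", "us-east-1", 1, False),
                   backup_copy("222222222222", "us-west-2", 4, True)],
    # Well isolated, but far older than the RPO.
    "billing-db": [backup_copy("222222222222", "us-west-2", 90, True)],
}

def audit(copies, primary, now, rpo):
    """Return the checklist gaps for one workload's backup copies."""
    # Only copies inside the RPO window count; a stale copy cannot meet it.
    fresh = [c for c in copies if now - c["created"] <= rpo]
    if not fresh:
        return ["no backup within RPO"]
    gaps = []
    if not any(c["immutable"] for c in fresh):
        gaps.append("no immutable copy")
    if not any(c["region"] != primary["region"] for c in fresh):
        gaps.append("no cross-region copy")
    if not any(c["account"] != primary["account"] for c in fresh):
        gaps.append("no cross-account copy")
    return gaps

def audit_all(inventory, primary=PRIMARY, now=NOW, rpo=RPO):
    return {name: audit(copies, primary, now, rpo)
            for name, copies in inventory.items()}

if __name__ == "__main__":
    for name, gaps in audit_all(INVENTORY).items():
        print(f"{name}: {'OK' if not gaps else '; '.join(gaps)}")
```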
The tough thing about ransomware attacks and other data breaches is that it’s impossible to predict how or when they might happen – which means that no amount of security hardening can guarantee you won’t be attacked.
What you can do, however – and what many of the businesses described above probably should have done – is safeguard data resources. By restricting access to databases and other production data assets, while also generating secure, immutable backups, you can place your organization in the strongest possible position to see itself through a data breach incident without going out of business.

Chris Tozzi
Chris, who has worked as a journalist and Linux systems administrator, is a freelance writer specializing in areas such as DevOps, cybersecurity, cloud computing, and AI and machine learning. He is also an adviser for Fixate IO, an adjunct research adviser for IDC, and a professor of IT and society at a polytechnic university in upstate New York.