Internet privacy company Proton launched a new service on Thursday designed to uncover cybercrimes by tracking data breaches and revealing when stolen information surfaces on the dark web.
Switzerland-based Proton, known for its encrypted email and virtual private network services, said it was kicking off its new Data Breach Observatory with data drawn directly from the dark web -- a hidden part of the internet where criminals trade in stolen data.
Since the start of this year alone, the company said it had detected nearly 800 notable breaches in single, identifiable companies, leaving more than 300 million individual records exposed.
If it had included the countless compilations of data from multiple breaches found on the dark web, ‘the true scale of exposed records Proton uncovered in 2025 is actually closer to 1,571 incidents with hundreds of billions of records’, it said.
Going forward, the company said it would update the Data Breach Observatory ‘in near real time’, and would publish details of newly-discovered breaches ‘whether or not the companies involved have chosen to be transparent with their users’.
Proton said there was a dire need for these observations, pointing out that while many people are aware that cybercrime is on the rise, facts have so far been hard to come by.
Instead, they rely mainly on self-disclosure by affected companies, who may opt to hide breaches out of embarrassment.
The dark web, which is inaccessible via standard browsers, is often used by criminals as a marketplace for illicit activities.
The trading in stolen personal information there, including financial details and login credentials, creates a significant and largely hidden threat to both individuals and businesses, Proton said.
The Swiss company said its research had found that small- and medium-sized businesses were most impacted.
Companies with 10–249 employees accounted for nearly half of all breach incidents, while businesses with fewer than 10 employees made up 23 percent, it said.
As for the stolen information being traded on the dark web, Proton said email addresses, names and contact information were the most exposed, followed by passwords and sensitive information like government and health records.
Proton said its observatory would generate timely reports of emerging data breaches, enabling it to alert affected businesses and organisations potentially before they are even aware of a leak.
The reports would help them secure systems, protect against further attacks and alert their customers.
The aim is ‘to reveal unseen breaches and to alert affected businesses and organisations as they happen’, Eamonn Maguire, Proton’s head of engineers, AI and machine learning, said in the statement.
