If you’re still harboring illusions of data privacy, perhaps it’s time to face facts. According to statistics released this month by Amsterdam-based security company Gemalto, 888 data breaches occurred in the first half of 2015 — compromising 246 million records worldwide. Compared to the first half of 2014, data breaches increased by 10 percent, Gemalto reported, On the bright side, the number of compromised data records declined by 41 percent during the first six months of this year. There were simply fewer mega breaches between January and June, compared to the same period last year.

But Hold On

Don’t reach for your rose-colored glasses just yet: These statistics were compiled before a group calling itself “The Impact Team” stole the user data of Ashley Madison and leaked more than 25 gigabytes of company data, including user details. Ashley Madison promoted itself as the place where 37 million users could connect to have discreet affairs. Since its user data was posted online in August, the company has seen its IPO dreams replaced with the reality of multiple lawsuits. Angry customers are alleging negligence, breach of contract and privacy violations. Ashley Madison failed to take reasonable steps to protect the security of its users, including those who paid a special fee to have their information deleted, they argue.

Revealing Weaknesses

To say data breaches reveal a company’s underbelly is an understatement.   Just ask Sony, which was crippled during the 2014 holiday season from a massive cyber attack. The attack revealed sordid details such as a derogatory email about President Barrack Obama and forced the company to rethink the release date of The Interview, a Seth Rogen-James Franco movie. Not to mention the FTC levying fines and penalties across the board at the HINT of a breach. So what insights can we draw from these ongoing attacks? Maybe the best lesson is the imperative of maintaining due diligence in what is promised and delivered to customers.

Don’t Overpromise

Delivering as promised is certainly the intent of every ethical business. But data attacks can lay bare a number of operational gaffes that could be innocuous if privately addressed, but embarrassing when publicized. A downside of unorthodox marketing, such as guerilla marketing, is that what is promised to customers can scale faster than the company’s ability to deliver. If a company is promising a feature, but still developing its functionality, a timely leak can make sloppy operations look suspiciously like fraud. In Ashley Madison’s case, its operation raises questions regarding how it promised privacy to its customers. Companies are foolish to market features that are at best in beta testing — and even more foolish to charge for those features.

Facebook Lessons

Facebook learned this lesson back in 2011.