It's bad enough for a company's fortunes if it gets hacked, and details of its customers and confidential documents about its business dealings get stolen by hackers.
It's even worse for the organisation if journalists around the world leap on the story, and don't just report on the hack but also begin to shine a light on the company's secret activities, and the controversial work it has done for its clients.
That's probably more than enough to critically damage a firm's brand, and make customers think twice about doing business with it again.
But what's truly catastrophic is when the huge swathe of stolen information is then made available for easy searching online, by anybody with an internet connection.
That's the fate that has befallen the law firm Mossack Fonsecam, as the so-called Panama Papers have revealed how wealthy individuals use offshore firms to evade tax and avoid sanctions.
The scale of the Panama Papers leak is ginormous - more than 11.5 million leaked files weighing in at 2,600 GB, significantly overshadowing previous data breaches.
And now, the International Consortium of Investigative Journalists (ICIJ) has published a searchable database of part of the Panama Papers haul, that "strips away the secrecy of nearly 214,000 offshore entities created in 21 jurisdictions, from Nevada to Hong Kong and the British Virgin Islands."
Even if your company isn't involved in activities that some would consider reflect poorly on your brand, or are engaged in ethically challenging activities, there can be few businesses out there who would find it easy to survive such a blatant demonstration of poor security.
My advice? Don't delight too much in the discomfort of Mossack Fonseca and its wealthy clients. Instead, ask yourself if your own company is doing enough to ensure that it's not the next to be making headlines for all the wrong reasons.