In an era of increased data breach incidents, researchers and practitioners have focused on specific access vectors such as credential abuse, exploitation of vulnerabilities, phishing, and other factors. Limited attention has been directed to factors that increase the likelihood of a subsequent attack. This paper examines the factors that shift within a firm in the time leading up to a second data breach, drawing on research from the past few months that points to specific organizational and operational factors as strong predictors of subsequent breaches. It proposes that consistent operational factors, such as third-party exposure and share price, along with organizational factors, like multiple executive leadership changes and perceived signals, play a key role in repeat breaches.