Estimate third-party breach impact from vendor access, shared data, service dependency, contract notice, and customer exposure