A data breach is an incident where sensitive, confidential, or protected data is accessed, disclosed, or stolen by unauthorized individuals or groups. This type of cyber incident can happen to a business or an individual’s data, and the breach may be intentional, in other words, for criminal purposes, or it may be by accident, such as an employee accidentally attaching personal customer data to an email. Common data breach tactics include brute force attacks, phishing, denial-of-service (DoS), and malware schemes.
What is the impact of a data breach?
The result of a data breach is often devastating for companies and individuals. For businesses, data breaches result in massive financial and reputational losses, as well as possible fines from data protection compliance bodies, such as General Data Protection Regulation (GDPR) regulators. In the case of individuals, they can lose personal data, such as their banking details or Social Security number, which hackers can use to steal their money or identity, or to create new identities and accounts with.
How does a data breach happen?
Data breaches typically result from a weakness in either a company’s technology, such as their identity and access management system, or as a result of user behavior. In the case of users, breaches could often result from weak or reused passwords. In addition, as more of our digital devices become connected and share data, the higher the risk of these incidents.
It’s possible for a data breach to stem from an internal or external source. It could be an employee that accidentally shares confidential information or one that intentionally sells company information to cybercriminals. It could also be an external source that hacks into a company’s database, or a lost or stolen portable device such as a laptop or external hard drive.
Example:
A hacker gains access to a password manager provider database through a compromised developer account. Or a data breach on a social media platform that exposes the personal information of millions of users.