A data breach occurs when unauthorized individuals gain access to confidential information. The consequences of a data breach can be severe and far-reaching. Hackers can use compromised data for illegal activities including identity theft, financial fraud, spamming or even extortion. In this article, we’ll do a deep dive into this topic so your organization can be more proactive in preventing these incidents.

Data Breach Definition

A data breach occurs when unauthorized parties infiltrate computer systems, networks or databases to gain access to confidential information. Breached data can include personal information, financial records, intellectual property or any other protected information that falls into the wrong hands. The consequences of a data breach can be severe, including financial losses, reputational damage, legal implications and potential harm to victims. Victims can include anyone from individual consumers to smaller businesses and even large multinational enterprises.

Data breach and cyber attack are terms often used interchangeably, but they mean different things. In a data breach, the primary focus is unauthorized access to the data. For example, a hacker gains access to users’ names, Social Security numbers and passwords.

On the other hand, a cyber attack refers to a broader range of malicious activities that cybercriminals use, such as malware infections and phishing schemes targeting computer systems.

Types of Data Breaches

Let’s take a look at the most common types of data breaches:

Phishing

Phishing attacks typically involve deceptive emails or messages that trick individuals into revealing sensitive information such as passwords, credit card details or login credentials. These attacks rely on social engineering techniques and exploit human trust and naivety.

Malware Attacks

Malware encompasses a range of software-based attacks. It includes viruses, ransomware, spyware and trojans designed to infiltrate systems, steal data or disrupt operations.

Insider Threats

Insider threats involve individuals within an organization who misuse their access privileges to intentionally or inadvertently cause a data breach. Some examples are employees stealing or leaking sensitive information or falling victim to phishing attacks that inadvertently lead to unauthorized access to the data.

Physical Breaches

Physical breaches occur when servers, computers or storage devices holding sensitive information are stolen or otherwise end up in unauthorized hands. This can happen through theft, unauthorized entry or improper equipment disposal without adequately erasing the data.

Password Guessing

True to its name, password guessing is an attack in which attackers gain unauthorized access to user accounts by attempting different combinations of passwords.
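One way to spot password guessing in authentication logs, shown as an added example that is not part of the original article. The log format, the threshold of five failures within five minutes and the sample lines are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication log (not from any real system).
# Assumed line format: ISO timestamp, result, user, source IP.
SAMPLE_LOG = """\
2024-05-01T09:00:00 FAIL alice 203.0.113.7
2024-05-01T09:00:05 FAIL alice 203.0.113.7
2024-05-01T09:00:09 FAIL bob 198.51.100.4
2024-05-01T09:00:11 FAIL alice 203.0.113.7
2024-05-01T09:00:16 FAIL alice 203.0.113.7
2024-05-01T09:00:20 OK bob 198.51.100.4
2024-05-01T09:00:22 FAIL alice 203.0.113.7
2024-05-01T09:00:30 FAIL alice 203.0.113.7
2024-05-01T09:00:41 OK alice 203.0.113.7
2024-05-01T09:20:00 FAIL carol 192.0.2.9
2024-05-01T09:40:00 FAIL carol 192.0.2.9
"""

def detect_guessing(log_text, window=timedelta(minutes=5), threshold=5):
    """Alert on accounts with `threshold` failed logins inside `window`,
    and on a successful login that follows such a burst."""
    recent = defaultdict(deque)  # user -> timestamps of recent failures
    flagged = set()              # users with an active failure burst
    alerts = []
    for line in log_text.strip().splitlines():
        ts_text, result, user, ip = line.split()
        ts = datetime.fromisoformat(ts_text)
        fails = recent[user]
        # Drop failures that have aged out of the sliding window.
        while fails and ts - fails[0] > window:
            fails.popleft()
        if not fails:
            flagged.discard(user)
        if result == "FAIL":
            fails.append(ts)
            if len(fails) >= threshold and user not in flagged:
                flagged.add(user)
                alerts.append((user, "guessing_suspected", ip))
        elif result == "OK":
            # A success right after a burst may mean a guess worked.
            if user in flagged:
                alerts.append((user, "login_after_guessing", ip))
            fails.clear()
            flagged.discard(user)
    return alerts

if __name__ == "__main__":
    for alert in detect_guessing(SAMPLE_LOG):
        print(alert)
```

A user who mistypes a password once or twice (bob) or fails occasionally over a long period (carol) stays below the threshold, so only the rapid burst against alice is reported.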

Ransomware

Ransomware is malicious software that encrypts files or blocks access to computer systems. When a device or network is infected, the victim’s files become inaccessible. The attacker then displays a ransom message that usually demands payment to restore the system.

DDoS Attack

A distributed denial-of-service (DDoS) attack aims to disrupt a computer network by overwhelming it with incoming traffic. By overwhelming the network or server, the attacker disrupts the system’s capacity to respond to legitimate requests, leading it to slow down or even crash.

The objective of a DDoS attack is not to gain unauthorized access or steal data but to make the targeted network unavailable to legitimate users. For example, an organization’s employees may have trouble signing in to the platform.

Why Data Breaches Happen

Here are some common reasons why data breaches happen:

  1. Weak Security Measures: Insufficient security measures, like weak passwords, lack of encryption or outdated software, can make systems vulnerable to attacks.
  2. Human Error: Mistakes by employees, such as accidental disclosure of sensitive information, improper handling of data or falling victim to phishing scams, can lead to data breaches.
  3. Hackers: Attackers may use ransomware, phishing attacks or targeted cyber attacks to gain unauthorized access to data.

A common motivation among attackers is financial gain. They may seek to steal sensitive financial information, such as credit card details, bank account credentials or personal information, then sell it on the dark web or use it for fraudulent activities. Some hackers work for governments to gather intelligence and spy on rival nations. Others may seek to prove their skills and test their limits.

Organizations must implement robust security measures to minimize the risk of data breaches. Investing in cybersecurity and regularly updating and patching software can help businesses safeguard sensitive information and protect the privacy of individuals.


How Data Breaches Happen

In its Cost of a Data Breach Report 2023, IBM found that identifying and containing a data breach takes an average of 277 days. Furthermore, the study showed that the global average data breach cost was an astounding $4.45 million.

Here are the usual phases of a data breach:

  • Research: Hackers gather as much intelligence as possible about the target. They identify potential vulnerabilities, collect insights about the target systems or conduct phishing attacks to collect valuable data.
  • Attack: The attacker infiltrates the target organization’s systems or networks. They may use various methods, such as exploiting software vulnerabilities, conducting phishing attacks, cracking weak passwords and stealing login credentials.
  • Compromise data: Once inside the compromised systems, the attacker may employ different techniques to obtain and extract valuable information. From there, the attacker may use the data for malicious purposes such as selling it on the dark web, committing identity theft, conducting financial fraud or exposing sensitive information that can damage individuals or organizations.

4 Data Breach Examples

Here are a few examples of significant data breaches in recent years.

Yahoo! Data Breach

Yahoo! suffered the most significant data breach in history between 2013 and 2014. Attackers gained unauthorized access to names, email addresses, passwords and security questions, affecting approximately 3 billion user accounts. The incident was not revealed until 2016—when Verizon was in talks to buy the tech giant. As a result of the data breach, Verizon lowered its original offer by $350 million and ended up buying Yahoo! at a reduced price of $4.48 billion.

Equifax

In 2017, Equifax—one of the largest credit reporting agencies in the United States—was hit by a data breach that affected approximately 147 million consumers. Attackers accessed Social Security numbers, birth dates, addresses, credit card numbers and driver’s licenses. In the aftermath, the company faced multiple lawsuits, regulatory inquiries and reputational damage, costing nearly $1.4 billion.

Marriott

The Marriott breach compromised the personal information of approximately 500 million guests who had reservations with the hotel giant’s Starwood brand. It exposed guests’ names, addresses, passport numbers, payment card details and other personal information. According to the New York Times, the attack was part of a Chinese intelligence-gathering effort seeking the personal data of American citizens. The company was subsequently fined over $23 million for failing to protect the information of its customers.

Microsoft

In 2021, hackers attacked Microsoft Exchange email servers and gained unauthorized access to the emails of as many as 60,000 companies worldwide. Once they broke into the servers, they could deploy malware, take charge of servers and gain access to other systems.


How To Help Protect Against a Data Breach

If you want to protect your organization against a data breach, you can reduce the risk in several ways.

  • Develop an incident response plan: An incident response plan outlines the steps to contain the incident and minimize damage. It includes proper communication channels, containment procedures, forensic investigation processes and notification procedures to address the breach effectively. BitSight said businesses with an incident response team or plan faced $2.66 million lower breach costs than organizations without one.
  • Employee training and awareness: Educate employees about data security best practices, the risks of social engineering attacks and how to report potential security incidents. Host training programs and teach them how to avoid data leakage.
  • Identity and Access Management (IAM): Establish mechanisms such as passwords, biometrics, two-factor authentication (2FA) or multifactor authentication (MFA) to verify the identity of users seeking access to systems. Make sure employees have a level of access that matches their roles and responsibilities within the organization.
  • Update software: Regularly update all software applications, operating systems and devices with the latest security patches and updates. Outdated software may have known vulnerabilities that attackers can exploit.
  • Data encryption: Encrypt sensitive data at rest (stored) and in transit (during transmission) to make it more difficult for unauthorized users to access and interpret the information if a breach occurs.

Bottom Line

A data breach occurs when unauthorized individuals gain access to sensitive information. Losing customers’ confidential information can lead to financial loss, reputational damage and regulatory penalties for businesses. As a result, organizations must adopt a proactive approach to prevent these incidents.


Frequently Asked Questions (FAQs)

What is an example of a data breach?

A data breach is the result of the unauthorized acquisition of confidential information. For example, an attacker could exploit a vulnerability in a company’s firewall to get its customers’ personal data.

What is a data breach, and how can I prevent it?

A data breach refers to an incident where unauthorized individuals access confidential information. Preventing data breaches requires a multilayered approach that involves encrypting data, updating your system, using multifactor authentication and implementing strong security measures.