
What is a Data Breach? | CyberBasics

Written by Finite State Team | Oct 8, 2024 10:13:52 PM

A data breach is any security incident where unauthorized parties gain access to sensitive or confidential information.

The term "data breach" is often used interchangeably with "cyberattack." However, this is not technically accurate: not all data breaches are cyberattacks, and not all cyberattacks are data breaches.

Data targeted during breaches include:

  • Social security numbers

  • Bank account numbers

  • Healthcare data

  • Customer data records

  • Intellectual property

  • Financial information

 

Why do data breaches happen?

Data breaches happen for three main reasons:

  1. Mistakes, e.g., emailing confidential information to the wrong person

  2. Malicious insiders, e.g., disgruntled employees

  3. Hackers, e.g., outsiders committing intentional cybercrimes

Financial gain is the primary driver of most intentional data breaches. Hackers steal money directly using the stolen credentials, take out loans or credit cards in the victims’ names, or sell the personal information on the dark web.

Generally, intentional data breaches follow the same basic pattern, regardless of who’s carrying them out.

Step 1: Research

Hackers identify a target and then search for weaknesses in its computer systems or among its employees that could be exploited.

Step 2: Attack

Attack options include social engineering campaigns, directly exploiting vulnerabilities, using stolen log-in credentials, or leveraging other data breach attack vectors.

Step 3: Compromise data

Once inside the system, hackers exfiltrate the data for use or sale, destroy it, or lock out the victim and ransom the access.

 

How to prevent data breaches

Strong prevention strategies can help organizations avoid data breaches. Strategies include:

  • Implement strong password practices and use multi-factor authentication

  • Update software to the latest version when available

  • Visit trusted URLs that start with HTTPS

  • Avoid clicking on links in emails and messages from unknown senders or from known senders you weren’t expecting

  • Provide employee security training

  • Create an incident response plan