Data Breach Definition: How it Occurs

By now, we've heard of so many data breaches we don't even listen to the details. However, any data breach you are involved in could potentially mean devastation for your life if you become the victim of identity theft or fraud. Let's take a close look at what a data breach is, how it happens, and how you can protect yourself.

What is a Data Breach?

A data breach is when an unauthorized person (hacker, employee, or another individual) accesses private, sensitive information without permission. They may steal the data and release it to the public or hold it for ransom. Typically, a data breach is perpetrated electronically by the person or group, bypassing security measures and accessing private or corporate servers, computers, or other data storage devices. How is it done?

Typically, before a data breach, the hackers or cybercriminal gang researches the entity and performs some tests to find weaknesses in their infrastructure. Once they examine the entire network for vulnerabilities, they devise a plan to infiltrate. Sometimes this involved a phishing campaign or brute force attack on the system. The criminal may decide the best approach is to use a social engineering tactic on social media, texting, or other ways to get an employee to take the bait. 

Once the hacker gains entry, they often exfiltrate the data (copy it all over to their own servers). Sometimes, they encrypt the files so the owner cannot access them, and the hacker demands a ransom. If they do that, they often threaten to release sensitive data online if they don't pay up. Sometimes they simply steal it and auction it off to the highest bidder online. Information stolen in data breaches (especially account logins) can be very lucrative for cybercriminals. 

How Does a Data Breach Occur?

Data breaches occur in a variety of ways. However, statistics show that a large number of them happened because of phishing emails. The hacker sends a convincing email to an employee at the company, who then either click on a malicious link that infects their computer with malware or provides personal details that allow the perpetrator to gain access to the network. Malware and ransomware are the most common vehicles for data breaches. 

Some other data breaches occur because employees actually copy and steal personal data from the company where they work. They may be planning on selling the data, or they may just have been snooping. 

Other reasons they occur are:

• Insecure systems.
• Weak passwords.
• Out-of-date software and vulnerabilities (weak spots exploited by hackers).
• Malware is installed on a device connected to the network.
• Credential stuffing where the threat actor tries known username/password combos on other sites and gets lucky logging in with the company.
• Lost or stolen devices connected to the company servers.

The Largest Data Breaches to Date

It seems like every new data breach is claimed to be the largest yet, but the truth is they are all huge and damaging to millions of people. Here is a list updated this past November for the largest data breaches so far.

• Cam4 - March 2020 - 10.88 billion records.
• Yahoo - 2017 - 3 billion accounts.
• First American Financial Corp. - May 2019 - 855 people.
• Facebook - April 2019 - 540 million users.
• Yahoo - 2014 - 500 million accounts.
• Marriott/Starwood - November 2018 - 500 million guests.
• AdultFriendFinder - October 2016 - 412.2 million accounts.
• MySpace - June 2013 - 360 million users.
• Exactis - June 2018 - 340 million people.
• Twitter - May 2018 - 330 million users.
• LinkedIn - June 2012 - 165 million users.
• Adobe - October 2013 - 152 million people. 

What Happens After a Data Breach?

Depending on the data stolen dictates what happens next. Often scammers target credentials (logins). These can be used for various other crimes later like phishing emails, fraud, credential stuffing, and more. If payment card details are stolen, the hackers may try to use the cards to make purchases. If bank account data is taken, they may drain your funds. 

The problem is if they get a lot of personal data on a large number of people, they can use it for identity theft or sell it on the dark web, where even more criminals will have access to it. Even if you are the victim of one crime, you aren't safe due to your information being readily available online. Another hacker may use it to wage another campaign against you.

How to Protect Yourself After a Data Breach

With all that bad news, there is a ray of hope. There are steps you can take to stay safer from identity theft and fraud.

• Keep all devices and software up to date.
• Use very strong passwords.
• Turn on data encryption.
• Turn on multi-factor authentication.
• Never click links in an email.
• Sign up for credit monitoring.
• Review all accounts carefully every month, looking for suspicious activity. 
• Never give out personal information unless you have to.