A data breach occurs when sensitive information is accessed or stolen without authorization. Learn about the types of data breaches, how to prevent them, and what to do if you're affected.

What is a Data Breach?

A data breach is a security violation in which sensitive, protected, or confidential data is accessed by unauthorized individuals. Data breaches may occur as a result of accidental human error within an organization; via insider threats, such as negligent users, criminal or malicious insiders, or inside attackers that have stolen user credentials; or via an external cyberattack wherein hackers view, copy, transmit, steal, and/or use data to which they have no rights.

A data breach, a type of cyber crime also known as a data leak or data spill, involves a compromise of security that leads to the intentional or accidental unauthorized access to and unlawful alteration, loss, theft, dissemination, and/or destruction of what should be private data.

Data breaches are sometimes triggered by cyberattacks carried out by bad actors whose objective is to illegally obtain account login credentials, credit card numbers, contact information, email and home addresses, and more, in order to steal individuals’ identities and make unlawful purchases. Some data leaks are carried out by a person or persons who wish to expose what they perceive to be unethical incidents within a company or government, or whose objective is to intentionally compromise national security.

Perpetrators of a data security breach may include individual, independent hackers; organized crime units; political activists; and even national governments. The culprit may also simply be poorly configured system security or negligent disposal of used computer hardware. According to data breach statistics compiled by IBM, the average cost of a data breach increased 2.6% from USD 4.24 million in 2021 to USD 4.35 million in 2022 – up 12.7% from USD 3.86 million in the 2020 report.

How Do Data Breaches Happen?

Data breaches can occur in a variety of ways, including:

  • Hacking: Attackers gain unauthorized access to a computer system or network, often through exploiting vulnerabilities.
  • Social engineering: Manipulating individuals into divulging confidential information, such as passwords or credit card numbers.
  • Physical theft: Stealing devices like laptops, phones, or hard drives containing sensitive data.
  • Insider threats: Current or former employees misusing their access privileges.
  • Unpatched software: Failing to update software with the latest security patches can leave systems vulnerable.

Types of Data Breaches:

Data breaches can involve various types of information, such as:

  • Personal information: Names, addresses, Social Security numbers, and dates of birth.
  • Financial information: Credit card numbers, bank account details, and payment information.
  • Health information: Medical records, insurance information, and other health-related data.
  • Intellectual property: Trade secrets, patents, and other confidential business information.

Impact of Data Breaches:

The impact of a data breach can be significant, leading to:

  • Financial losses: Costs associated with investigation, notification, credit monitoring, legal fees, and potential lawsuits.
  • Reputational damage: Loss of customer trust and damage to brand reputation.
  • Legal and regulatory consequences: Potential fines, penalties, and legal action for failing to protect sensitive data.
  • Identity theft: Criminals can use stolen information to open accounts, make purchases, or commit other fraudulent activities.

Preventing Data Breaches:

While it's impossible to completely eliminate the risk of a data breach, organizations and individuals can take steps to mitigate it:

  • Strong passwords and multi-factor authentication: Use unique, complex passwords and enable multi-factor authentication whenever possible.
  • Regular software updates: Keep all software, including operating systems, applications, and security software, up to date with the latest patches.
  • Employee training: Educate employees about data security best practices, such as recognizing phishing scams and avoiding suspicious links.
  • Data encryption: Encrypt sensitive data both in transit and at rest to protect it from unauthorized access.
  • Regular backups: Back up important data regularly to ensure it can be recovered in the event of a breach.

What To Do if You’re Affected by a Data Breach:

If you believe your data may have been compromised in a data breach, take the following steps:

  • Change your passwords: Immediately change passwords for any accounts that may have been affected.
  • Monitor your accounts: Carefully review bank statements, credit card statements, and other financial accounts for suspicious activity.
  • Report identity theft: If you suspect identity theft, report it to the appropriate authorities, such as the Federal Trade Commission (FTC) or your local police department.
  • Consider credit monitoring and identity theft protection services: These services can help you monitor your credit report for suspicious activity and provide assistance in the event of identity theft.

Targeted Attack

  • Phishing: A phishing attack involves the use of social engineering to manipulate or trick people into giving away sensitive information. Cybercriminals will send fake yet genuine-looking emails with aggressive and threatening messaging that is used to scare the reader into clicking a provided link. The given link directs the reader to a malicious login page that will supposedly help fix the issue, but is really designed to capture and steal their username and password.
  • Malware: A malware attack occurs when an individual is tricked into opening a malicious attachment, link, or website, which then infects the user’s device or network, gains access to and steals personal data or any valuable data, and then transmits this data back to the command and control (C&C) servers run by the cybercriminals.
  • Denial-of-Service: The function of a DoS attack is to shut a machine or system down. This is accomplished by overloading an organization’s network or website with a surge of illegitimate traffic, or by sending input that exploits bugs in the target, which ultimately causes the system or device to crash or become highly destabilized. Either way, legitimate users are denied access to services.
  • Exploit: Cybercriminals are consistently searching for software bugs or vulnerabilities to take advantage of to unlawfully gain access to a system and its data. Inevitably, software will have some bugs and vulnerabilities, and it’s a constant battle to see who will find them first – cybercriminals, who will exploit them, or cybersecurity teams, who will report to the manufacturers. Some criminals have even developed exploit kits to make these cyberattacks easier.
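
The phishing item above names two traits a mail filter can check for: threatening, urgent wording and a link that leads somewhere other than the site it claims to be. The following Python sketch is an added example, not part of the original article; the phrase list, the trusted_domains parameter, the function names and the sample messages are all assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed phrase list standing in for "aggressive and threatening messaging".
URGENCY = re.compile(r"\b(urgent|immediately|suspended|locked|within 24 hours)\b", re.I)
DOMAIN_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

class MailParser(HTMLParser):
    """Collect body text and (href, visible text) pairs for each <a>."""
    def __init__(self):
        super().__init__()
        self.text, self.links, self._href, self._label = [], [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None

def in_domain(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)

def phishing_indicators(html_body, trusted_domains):
    """Return indicator strings for one HTML email body.
    trusted_domains is an assumed allowlist of the organization's own domains."""
    p = MailParser()
    p.feed(html_body)
    p.close()
    found = []
    if URGENCY.search(" ".join(p.text)):
        found.append("urgent-language")
    for href, label in p.links:
        host = (urlparse(href).hostname or "").lower()
        shown = DOMAIN_IN_TEXT.search(label)
        if shown and not in_domain(host, re.sub(r"^www\.", "", shown.group(1).lower())):
            found.append("link-text-mismatch:" + host)   # label shows one site, href goes to another
        if host and not any(in_domain(host, d) for d in trusted_domains):
            found.append("untrusted-link-host:" + host)
    return found

# Constructed samples using reserved .example/.test names, not real messages.
PHISH = ('<p>URGENT: your account is suspended. Confirm within 24 hours.</p>'
         '<a href="http://bank.example.account-check.test/signin">https://www.bank.example/login</a>')
BENIGN = '<p>Your statement is ready.</p><a href="https://www.bank.example/statements">View statement</a>'
```

The look-alike host in the constructed sample begins with the trusted name but belongs to a different registered domain, which is why the comparison is done on the end of the hostname rather than on a substring.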
 

What are the Consequences of a Data Breach?

The consequences of a data breach can be disastrous. The actual cost of a data breach depends on what kind of information has been compromised:

  • Individuals: Identity theft occurs when Personally Identifiable Information (PII) is stolen. This can be devastating for an individual. Everything from banking details to Social Security numbers can be stolen and used to completely take control of a person’s financial information. Cybercriminals can open new utility accounts or lines of credit under the victim’s name, withdraw money from bank accounts, steal tax refunds or airline rewards, steal health insurance or government benefits, and even sell passports on the dark web. The results of these activities can include ruined credit scores and major legal trouble, the resolution of which is extremely difficult and time-consuming.  
  • Businesses: Data breaches involving business data can have severe consequences for not only a business’s finances, but also their reputation. If customers’ data is stolen in a business’s data breach, this has a highly negative impact on customers’ trust in the company. Data breaches at businesses have resulted in leaked banking and credit card numbers, Social Security numbers, sensitive photos and videos, and more, leading to major lawsuits and overall contempt from the public. Some businesses may proactively choose to invest in data breach insurance to help them cope financially in the event of a security incident.  
  • Governments: A government data breach can mean a major threat to national security and the safety of its citizens. Compromised government data, such as wartime operational plans, voter database information, and government employee personal information, can end up in the hands of domestic criminals and foreign factions with malicious intent.
 

Data Breach Examples

There have been several major data breaches in the 21st century. Some of the most infamous recent data breaches include: 

  • 2010: Former U.S. Army soldier Chelsea Manning leaked large volumes of confidential military data to the public.
  • 2011: A data breach in Citibank’s credit card operations resulted in the compromise of approximately one percent of their customers’ accounts. 
  • 2012: Cybercriminals used information manipulated out of Amazon’s tech support via social engineering to use Apple’s password recovery system, and subsequently hack into and wipe out the personal devices as well as Gmail and Twitter accounts for Mat Honan, current editor-in-chief at MIT Technology Review. 
  • 2013: Edward Snowden, former computer intelligence consultant at the U.S. National Security Agency (NSA), leaked classified data that revealed widespread spying by NSA and similar agencies in other countries. 
  • 2014: An exploit attack that targeted usernames and passwords and security questions on Apple iCloud resulted in a data breach that leaked nearly 200 celebrity photos. 
  • 2015: Ashley Madison, an adult online dating service that specifically targets individuals seeking to arrange extramarital affairs, had all of its customer data stolen by hackers who threatened to expose its users if the website was not shut down.
  • 2016: A 15-year-old British hacker accessed and leaked the personal data of over twenty thousand employees at the U.S. Federal Bureau of Investigation via social engineering. A judge deemed this attack to be “politically motivated cyber terrorism”, and the attacker received a two-year prison sentence. This same year, Yahoo! was responsible for one of the biggest data breaches of all time – three billion user accounts were compromised between 2013 and 2016.
  • 2017: The “Paradise Papers” – major data breaches involving the leak of 13.4 million confidential electronic documents relating to the offshore activities of national leaders, wealthy individuals, and companies. This security incident highlighted the different strategies and artificial structures that companies and individuals use to avoid paying taxes.
    In the same year, Equifax was responsible for the compromise of the private records of approximately 147.9 million Americans, 15.2 million British citizens, and 19 thousand Canadian citizens – one of the largest data breaches to date. The Equifax data breach settlement with the FTC included up to $425 million to help anyone who is affected by data breaches stemming from Equifax’s security incident.
  • 2018: Former Cambridge Analytica employee Christopher Wylie disclosed information regarding the Facebook–Cambridge Analytica data scandal, which involved the collection of Facebook users’ personal information by British consulting firm Cambridge Analytica, largely for the purpose of political advertising, without user consent. The result was the FTC levying a $5 billion civil penalty against Facebook.
  • 2019: Approximately 139 million users of graphic design service Canva had their personal information compromised.
  • 2020: Multiple US federal government entities as well as private organizations were subjected to one of the worst cyber-espionage incidents ever suffered by the U.S. The cybercriminals exploited software or credentials from at least three U.S. firms – Microsoft, SolarWinds, and VMware. Some of the affected organizations include NATO, the government of the United Kingdom, the European Parliament, and Microsoft. 
  • 2021: A recent data breach was revealed when security researcher Alon Gal discovered a leaked database belonging to Facebook containing 533 million accounts, including the personal information of Facebook users from 106 countries.
  • 2022: One of the latest data breaches occurred when an undisclosed number of DoorDash customers had their names, email addresses, delivery addresses, phone numbers, and partial payment card numbers stolen by the same cyber criminals who carried out an SMS phishing attack on Twilio employees the same year.

By understanding data breaches and taking proactive steps to protect sensitive information, individuals and organizations can minimize their risk and mitigate the potential consequences of these security incidents.

Published: 05 August 2024 02:39