What is a Data Breach?
When someone with unauthorized access views, downloads or steals sensitive or confidential information from an organization that’s charged with protecting it, the organization suffers a data breach. Breaches can involve anything from credit card numbers and healthcare records to company source code and internal customer lists. Depending on the industry, government regulations may dictate who can see and use specific types of data. For example, financial institutions must comply with the Payment Card Industry Data Security Standard, while medical practices adhere to HIPAA.
Data breaches can happen in a variety of ways, from hacking and phishing to misplaced or improperly decommissioned equipment. The majority of attacks, however, start with a weak point, such as a stolen password or username, a faulty update, or a misconfigured system.
Once cyber criminals have these credentials, they can search the network for personally identifiable information (PII) and other valuable data. They can also use their skills and knowledge of vulnerabilities to manipulate employees into revealing more sensitive data on their own.
For example, a cyberattack on Sony in 2014 was attributed to the Guardians of Peace, a group that’s believed to have ties to North Korea. The hackers were able to break into the company’s network, steal unreleased movies and issue threats against theaters that planned to screen The Interview, which depicted the fictional assassination of North Korean leader Kim Jong-un. In the end, Sony was forced to pull the movie from distribution. It was the company’s second-largest loss ever, costing it more than $1 billion in lost revenue and stock price.