What is a Data Breach?
Data Breach refers to any unauthorized access to sensitive information or an attack against the integrity of the information. It can include everything from personal files to details of highly confidential health records or financial information. It can be due to human error (as is often the case) or flaws in a company’s infrastructure, such as the failure of security measures.
Cybercriminals typically target companies that have a large amount of customer and contributor information. They are looking for data they can sell or use to commit fraud, such as names, email addresses, dates of birth, credit card numbers and bank accounts. This could be done by exposing your payment details on the dark web or impersonating someone to trick you into wiring money or sending information (BEC attacks).
You should be aware of how your employees and business partners store your data. If they leave sensitive information on their computers, phones or laptop hard drives, it can be easily accessed by cyber criminals. They can also lose data storage devices that carry information like backup tapes or flash drives.
When a breach is discovered, you should let the government know as soon as possible. In most cases, this means letting the state’s attorney general. You should also notify the affected individuals, depending on the type of data that was stolen and how it could be used. The loss of consumer and contributor trust is a big part of the damage that comes from a data breach.