What is a Data Breach?
A Data Breach occurs when sensitive, protected or confidential information is copied, transmitted, viewed, stolen or altered by an individual who is not authorized to do so. It is also known as unintentional information disclosure, information leak or data spill.
Companies that suffer a data breach often experience significant financial loss as they pay for remediation, legal fees, lost customer trust and brand damage. This is especially true for large organizations like Target, Equifax and Yahoo that suffered millions in damages due to their high profile breaches.
It can be caused by a variety of events including human error, hacking and cybersecurity infrastructure flaws. Some examples include credentials stored in public repositories (GitHub) by developers, misconfigured web apps or servers, and eavesdropping on unencrypted network traffic.
Physical theft of laptop hard drives, backup tapes and other portable storage devices is another common cause of a data breach. If these devices get into the hands of an adversary, they can be used to retrieve and send back stolen information.
Malicious actors are usually state sponsored or hired by a company’s competitor but they can also be independent opportunists. They are seeking to gain access to intellectual property, such as research, product designs and source code, or they may be looking for business secrets such as business plans, strategies and client lists. They may also be after medical and health data such as coronavirus vaccine secrets or patient records. They are often looking to sell these stolen records on the darknet or use them to open credit lines and make fraudulent purchases.