What Is a Data Breach?
A Data Breach occurs when sensitive, protected or confidential information is copied, transmitted, viewed, stolen, altered or used by an individual unauthorized to do so. It can also be referred to as unintentional information disclosure, data leak, information spill or malicious insider attack.
Criminals can use hacked data to sign up for credit cards and loans in a victim’s name, steal tax refunds, or use it for health insurance fraud. It’s essential that individuals whose personal information has been breached be notified right away so they can monitor their credit to detect any erroneous activity.
A common way for hackers to gain access to information is through a botnet, or a group of computers that are controlled by a remote hacker. This allows a hacker to use the botnet’s tools, such as software that can steal passwords and credentials from computers.
Another reason for data breaches is physical theft, such as when thieves snag a laptop hard drive or other device that contains sensitive information. They can also take information directly off point-of-sale (POS) terminals or gas pumps, such as the magnetic stripe on credit cards and the corresponding PIN.
Businesses should work with forensics experts to determine the source and scope of a data breach and identify remediation steps. This can include analyzing backup or preserved data, reviewing logs to see who has access and verifying that they are only using the information they need to do their job. It’s also a good idea to contact legal counsel with privacy and security expertise for advice on state and federal laws that may be implicated in a breach.