What is a Data Breach?
A data breach is an incident involving the theft or exposure of sensitive, confidential, or protected information. The incident is generally considered a security violation that has the potential to cause significant financial or reputational damage. It is also known as information leak, data loss or unauthorised disclosure of information.
It is usually the result of a cyber attack, which occurs when malicious software (malware) gains access to computer systems or networks and steals information. It can also be the result of an employee mistake, in which case a business should review its employee training and procedures to ensure that it is taking steps to protect information.
Physical breaches can happen when someone steals a USB drive or finds a misplaced document that contains confidential or personal information. They can also occur when a criminal installs devices on ATMs, point of sale (POS) terminals and fuel pumps to record card information or steal PINs from people using the card at these machines.
When a company experiences a data breach, it must notify law enforcement and customers or users. It must also take steps to determine the source of the breach and remediate any vulnerabilities that could be used by attackers in the future.
Individuals who discover that they are victims of a data breach can find out what type of information was leaked or stolen and should check whether it is possible to spot any suspicious activity on their bank accounts. They can also change their passwords, set up fraud alerts and place a credit freeze on their accounts if they think that they may be at risk of identity theft.