What Is a Data Breach?
A data breach occurs when sensitive information—such as credit card numbers, health records, or passwords—is copied, transmitted, viewed, stolen, or otherwise disclosed by an individual unauthorized to do so. Also known as a hack, cyber attack, data leak, or information leak, a breach can be caused by human error, malware, or a flaw in a cybersecurity infrastructure.
A malicious insider is the most common cause of a data breach. These attackers may have legitimate authorization to access a company’s network, but they often have the intent to cause harm. This includes stealing data for financial gain, selling it to others, or using it to blackmail companies.
Other causes of a data breach include leaving credentials or access keys in source code (a common mistake made by developers) and exploiting vulnerabilities in applications and other IT infrastructure. Eavesdropping on unencrypted traffic is another way hackers can steal data.
When a company experiences a data breach, it needs to work quickly to notify affected individuals. It should also review its cybersecurity infrastructure to make sure a single incident won’t lead to multiple breaches.
For example, if someone’s names and Social Security numbers are exposed in a breach, the company should alert those who have accounts at banks or credit-card companies so they can monitor for signs of fraud. It should also advise victims to contact the major credit bureaus to request fraud alerts and a credit freeze.
Aside from the immediate cost of fixing a data breach, it can also damage a business’s reputation and stock price. After a data breach, publicly-traded companies lose an average of 7.5% of their share value and it takes 46 days for them to regain their pre-breach market position.