BotNet News

Your source for Online Security News

A Data Breach is a security incident in which sensitive, protected or confidential information is copied, transmitted, viewed, stolen, altered or used by an individual who is unauthorized to do so. It is also referred to as an unintended information disclosure, data spill or information leak.

A breach can be a costly experience for any organization. According to IBM’s Cost of a Data Breach 2022 report, organizations that apply advanced technologies like AI and automation for threat detection and response have a 55.3 percent lower average data breach cost than those without such capabilities.

Attackers can obtain sensitive or confidential information from the dark web and other sources, but they can also infiltrate a business by physically stealing laptops or other mobile devices, breaking into company offices to steal paper documents and physical hard drives, and installing skimming devices on physical credit card readers to collect payment card numbers. Alternatively, employees may inadvertently expose a data breach by saving an email or document to non-secure location or sending it to the wrong recipient.

Regardless of the source, breaches are devastating for organizations. A breach can lead to a loss of customers, revenue and reputation and result in expensive regulatory fines. For example, in 2019, online graphic design tool Canva suffered a breach that exposed the names, addresses, phone numbers and passwords of 137 million users; in 2018, health and fitness app MyFitnessPal had its data breached, exposing email, IP, PII and login credentials including usernames and passwords stored as SHA-1 or bcrypt hashes.