What is a Data Breach?
Summary
A data breach is the release of secure information to an untrusted environment. It could be the leaking of credit card data from a hacked server, personal information on social media or internal company emails. Hackers, insiders and malicious software all contribute to a data breach.
Some attackers seek financial gain by selling stolen information on the dark web. Others may work for the government to spy on competitors or test their skills.
In 2022, the telecommunications company Optus suffered a major data breach that affected 9.8 million people. The breach included customer information such as names, dates of birth, email addresses, phone numbers and payment details. The company offered two years of identity resolution services and free credit monitoring to affected customers.
US pharmaceutical giant PharMerica experienced a data breach in March that impacted 5.8 million patients. The breach uncovered names, date of birth, medical information, health insurance data and other details.
Other companies have also suffered data breaches in recent years. Examples include Equifax, Yahoo! and Marriott International.
If your organization experiences a data breach, it’s important to act quickly to stop the spread of information and to prevent additional damage. Notify law enforcement, other affected businesses and individuals as soon as possible. Designate a point person in your organization to communicate with victims and to provide them with the latest information. Make sure that person knows how to contact your legal department if they have questions about the breach.