What is a Data Breach?
A data breach is when sensitive information is exposed to unauthorized individuals. This could include personal details like a person’s name, date of birth, email address or telephone number; financial data like their bank accounts and credit card details; medical records, photos and insurance documents; or intellectual property, including designs and inventions. Data breaches can be accidental or intentional.
Accidental breaches are often caused by misconfigurations, such as storing confidential data in unsecured locations or accidentally giving network users access to more sensitive information than they need. Human error, such as misplacing devices with sensitive data or granting employees too much access privilege, is also a common cause of breaches.
Malicious attacks by hackers are another common cause of breaches. Attackers may sell the compromised data on the dark web, use it for identity theft and fraud, or threaten people or businesses. For example, the hacker group Guardians of Peace used data stolen from Sony to pressure it into canceling a release of the film The Interview, which was critical of North Korea’s leader Kim Jong Un.
Physical attacks, such as breaking into offices to steal employees’ devices or paper files, are also a cause of data breaches. Attackers can also install skimming devices on point-of-sale terminals to collect payment card information, as happened in the 2007 breach of TJX, which owns Marshalls and TJ Maxx stores. Hackers can even use traffic sniffers to capture information as it passes over wireless networks, as they did in the 2013 Yahoo breach. Another technique attackers use is “credential stuffing,” where they take the credentials exposed in previous breaches and attempt to break into a victim’s accounts across dozens of different services by using them as usernames and passwords.