What Is a Data Breach?
What Is a Data Breach?
A data breach means someone has accessed your sensitive information without authorization, either maliciously or accidentally. Attackers may use this stolen information for illegal purposes like identity theft, financial fraud and tax evasion. The impact can be devastating to businesses including fines from external regulations, lost business opportunities and reputational damage with customers, clients and employees.
Attackers can gain access to your information through stolen credentials, hacking or unauthorized software updates and upgrades. These vulnerabilities can be introduced by security misconfigurations in your web or application servers, cloud applications and network services. They can also be found on remote devices, such as smartphones or tablets that connect to your networks.
Once attackers breach your systems, they can steal data for their own purposes or extort the victims for ransom. Stolen data can include personal identifiers such as names, dates of birth and Social Security numbers or financial information including credit card or bank account details. It can also include health information protected by regulations like HIPAA and intellectual property such as patents and copyrighted materials.
Depending on the type of data breached, you need to act quickly to mitigate the impact. If your information has been posted on the internet, you’ll need to contact search engines and other websites to request they remove it. If it was exposed by a malware incident, you’ll need to find out how it happened and fix the vulnerability that led to it.