BotNet News

A Data Breach occurs when personal information (PII) is accessed, lost, stolen, or modified without the owner’s consent. This includes unauthorized modification, deletion, and exfiltration of data.

Attackers seek all sorts of sensitive data, such as intellectual property, research and product designs, customer lists, and source code. They may also target specific individuals and businesses for their names, social security numbers, and financial or credit card accounts. For example, the breach of TJX Corporation, the parent company of retailers TJ Maxx and Marshalls, in 2007 resulted in the theft of 94 million records of customers. These hackers used the data to commit fraud and identity theft against those consumers.

Hackers may use a variety of tactics to gain access to private data, including social attacks and network attacks. They start by researching a target—finding out what hardware and software they use, their security practices, what partnerships they have, and so on. Then, they scan networks and open ports, enumerating devices and accounts, and looking for vulnerabilities to exploit. Once inside, they exfiltrate the data they want or sabotage it by destroying it, taking over servers, or imposing a ransom.

Once a breach has happened, it’s important to work with forensics experts to determine how the data was compromised. For example, if sensitive account access information — such as bank and credit card account numbers or PINs — was exposed it’s important to notify those affected so they can update their accounts. This can help reduce phishing scams and other types of fraud, as well as speed up the time it takes to detect and resolve such crimes.