BotNet News

Data Breach is when sensitive personal information, such as passwords, credit card numbers or social security numbers, are stolen by unauthorized individuals. This is one of the most common and widespread cyber crimes and can have far-reaching effects, including financial loss, regulatory fines, reputational damage and an erosion of consumer trust. Hackers are constantly finding new ways to circumvent defences, making it a challenge for businesses to keep up.

A company may lose confidential information in a variety of ways: via phishing, malware or lost or stolen equipment. In addition, employees can make innocuous mistakes, such as sending emails to the wrong person. The biggest cause of data breaches, however, is a malicious insider — whether an angry employee seeking revenge, or a greedy employee wanting to profit from the information they have accessed.

Attackers will typically find a vulnerability, such as a software flaw, poor security practices, compromised credentials or physical security weaknesses. They then exploit the vulnerability to gain access to a target system or network. Once they have entered, they will install tools to maintain access or gather more information. They might even be able to use malware to move laterally within the breached system or network to reach more valuable repositories.

Often, attackers will sell the data they have acquired on the Dark Web. This puts those whose information has been breached at elevated risk of identity theft for years to come. Laws in many countries require companies to notify people whose information has been exposed. This could include free credit monitoring and freezes.