BotNet News

Whether an employee accidentally emails confidential data to the wrong person or malicious outsiders steal customer information from your servers, data breaches can damage consumer trust and cause serious financial loss. They may also put your business at risk of litigation and regulatory action.

The types of information stolen by cyber criminals in data breaches varies, but the most common includes PII and login credentials for email, bank accounts and social media. Hackers can use this data to make money by selling it or committing fraud in your name.

Innocent mistakes, such as an employee clicking on a phishing link or storing passwords in plain text on company systems are often the root cause of data breaches. But most breaches are committed by hackers, who are motivated by either financial gain or a desire to cause harm. Once they gain unauthorized access to a company, attackers look for ways to exploit the company’s vulnerabilities. They may spend hours researching their targets to learn about missing updates or employees’ susceptibility to phishing campaigns.

They can also plant sniffers in store parking lots to intercept traffic to and from wireless networks, or use malware to steal information as it’s being transmitted from credit card readers in storefront kiosks. Attackers can also break into company offices to steal devices, paper documents and physical hard drives containing sensitive data. In a major breach in 2007, TJX (the parent company of stores TJ Maxx and Marshalls) was exposed to hackers who stole 94 million payment cards.