What is Data Breach?
What is Data Breach?
A data breach is a cyberattack that exposes sensitive information from a network, device, application or server. The breach may result from a hacker cyberattack, insider risk, unpatched applications, or malware. It can expose private customer information, corporate secrets, or financial data. It can also result in fines and reputation damage that can be long-lasting.
The data breach lifecycle begins with a hacker discovering and exploiting vulnerabilities in hardware, software, or networks. This is known as a zero-day attack because the attacker knows the vulnerability exists before the organization is aware of it. They use techniques such as privilege escalation and lateral movement to gain access to the network.
Once the hacker has gained access, they will steal data or manipulate it to benefit their own goals. For example, a hacker might send fraudulent emails and other social engineering tactics to trick people into revealing their personal information. They could then use that information for phishing attacks or ransomware, in which they threaten to destroy or block access to data and systems unless victims pay them money.
An insider threat can be as devastating as a cyberattack from an outsider. Malicious insiders, such as former employees, can steal or sell data to cyber criminals. The data breach they cause can harm people by stealing their banking details, health information or login credentials for email and social networking accounts. It can ruin their credit, make them ineligible for loans or mortgages and even lead to identity theft.