A data breach is a security incident in which information is accessed without authorization. Data breaches can hurt businesses and consumers in a variety of ways. They are a costly expense that can damage lives and reputations and take time to repair.
Personally identifiable information — such as full names, credit card numbers, and Social Security numbers — is the most common form of data lost to data breaches, with personal financial information close behind.
Corporations and businesses are extremely attractive targets to cyber criminals, simply due to the large amount of data that can be nabbed in one fell swoop.
Why do data breaches occur?
Cybercrime is a profitable industry for attackers and continues to grow. Hackers seek personally identifiable information to steal money, compromise identities, or sell over the dark web. Data breaches can occur for a number of reasons, including accidentally, but targeted attacks are typically carried out in these four ways:
- Exploiting system vulnerabilities. Out-of-date software can create a hole that allows an attacker to sneak malware onto a computer and steal data.
- Weak passwords. Weak and insecure user passwords are easier for hackers to guess, especially if a password contains whole words or phrases. That’s why experts advise against simple passwords, and in favor of unique, complex passwords.
- Drive-by downloads. You could unintentionally download a virus or malware by simply visiting a compromised web page. A drive-by download will typically take advantage of a browser, application, or operating system that is out of date or has a security flaw.
- Targeted malware attacks. Attackers use spam and phishing email tactics to try to trick the user into revealing user credentials, downloading malware attachments, or directing users to vulnerable websites. Email is a common way for malware to end up on your computer. Avoid opening any links or attachments in an email from an unfamiliar source. Doing so can infect your computer with malware. And keep in mind that an email can be made to look like it comes from a trusted source, even when it’s not.