What is a Data Breach?

Don't let the hype get to you

Key shaped USB flash drive on keyboard
Data breaches can take many forms, including inside jobs using a flash drive to abscond with information. deepblue4u | Getty Images

Data breaches are events where information is taken from a system without the system owner's knowledge, and usually without the account holder being aware of it, either.

The type of information taken is largely dependent on the target of the data breach, but in the past, the information has included personal health information; personal identification information, such as name, password, address, and social security number; and financial information, including banking and credit card information.

While personal data is often the target, it is by no means the only type of information that is desired. Trade secrets, intellectual properties, and government secrets are highly prized, though data breaches involving this type of information don’t make the headlines quite as often as those involving personal information.

Types of Data Breaches

Often we think of a data breach occurring because some nefarious group of hackers infiltrates a corporate database using malware tools to exploit weak or compromised system security.

Targeted Attacks
While this certainly happens, and has been the method used in some of the most renowned breaches, including the Equifax data breach in the late summer of 2017, which resulted in more than 143 million people having their personal and financial information stolen, or the 2009 Heartland Payment System, a credit card processor whose computer network was compromised, allowing hackers to gather data on over 130 million credit card accounts, it's not the only method used to acquire this type of information.

Insider Job
A large number of security breaches and the taking of company data occur from within, by current employees or recently released employees who retain sensitive knowledge about how the corporate networks and databases work.

Accidental Breach
Other types of data breaches don't involve any type of special computer skills, and certainly aren't as dramatic or newsworthy. But they happen just about every day. Consider a health care worker who may accidentally view patient health information they don't have authorization to see. HIPAA (Health Insurance Portability and Accountability Act) regulates who may see and use personal health information, and the accidental viewing of such records is considered a data breach according to HIPAA standards.

Data breaches can occur, then, in many forms, including the accidental viewing of personal health information, the employee or former employee with a beef with their employer, individuals or groups of users that make use of networking tools, malware, and social engineering to gain illegal access to corporate data, corporate espionage looking for trade secrets, and government espionage.

How Data Breaches Occur

Data breaches occur primarily in two different ways: an intentional data breach and an unintentional one.

Unintentional Breach
Unintentional breaches occur when an authorized user of the data loses control, perhaps by having a laptop that contains the data misplaced or stolen, using legitimate access tools in such a way as to leave the database exposed for others to see. Consider the employee who heads off to lunch, but accidentally leaves their web browser open on the corporate database.

Unintentional breaches can also occur in combination with an intentional one. One such example is the use of a Wi-Fi network set up to mimic the look of a corporate connection. The unsuspecting user may login to the fake Wi-Fi network, providing login credentials and other useful information for a future hack.

Intentional Breach​​​
Intentional data breaches can occur using many different techniques, including direct physical access. But the method most often mentioned in the news is some form of cyber attack, where the attacker embeds some form of malware on the target's computers or network that provides access to the attacker. Once the malware is in place, the actual attack may occur right away, or extend over weeks or months, allowing the attackers to gather as much information as they can.

What You Can Do

Check to see if Two-Factor Authentication (2FA) is available, and take advantage of the increased security it provides.

If you believe your information is involved in an incident, be aware that data breach notification laws vary by state, and define under what conditions customers have to be notified. If you believe you're part of a data breach, contact the company involved and have them verify if your information has been compromised, and what they plan to do to alleviate the situation.