What is data breach and why does it matter to you?
At fourteen years old, I received an extraordinary gift: a diary! It wasn't an ordinary diary; it had a lock, and I always carried the key with me. I thought nobody could open my diary, so I wrote the most personal sensitive information in it. For example, when I had my first kiss, I wanted to capture the moment, so I disclosed my deepest feelings. Then, one day I entered the room and saw my mom reading my diary. A data breach is a security incident where sensitive, protected, or confidential information is copied, transmitted, viewed, stolen, or used by someone unauthorized to do so. The keywords are "without authorization." Data Breaches can be intentional and unintentional incidents. Both cases are painful. An example of an intentional incident would be my mom reading my diary. I know my mom did her best to protect me and considered it appropriate to break into my sensitive personal information. In her mind, that was what a good mom should do. I get it now, and moms are just moms, right? It's different when hackers, scammers, and Cybermonsters intentionally break into a database to steal personal information. Data breaches are common occurrences today. One out of every three businesses experiences a data breach each year. Hackers often try to trick people into giving away sensitive information like usernames, passwords, credit card numbers, etc., then sell that information online. Cybermonsters sometimes exploit software systems vulnerabilities to gain access to confidential data. And some companies suffer data breaches because employees make mistakes. But, most often, cybercriminals gain access to sensitive data because someone left a laptop unattended, opened a file cabinet, or never updated their devices. An example of an unintentional data breach incident would be a system failure, a computer breaking causing the access to personal sensitive information available to others. There are many reasons for a data breach, including phishing, poor security practices, human error, and even negligence. A data breach could result from single or multiple incidents over time. In addition to being a security risk, data breaches are costly. They can result in significant legal liabilities and fines, including those levied under the Health Insurance Portability and Accountability Act (HIPAA); the Sarbanes–Oxley Act (SOX). There are also state laws regarding consumer protection, employment law, privacy, and federal laws regarding the Federal Trade Commission (FTC). Consequences of data breaches The consequences of a successful cyberattack or data breach can be devastating. Cybermonsters steal data, causing significant financial losses for businesses, governments, and regular people like you and me. They can use that data for financial gain, blackmail victims into doing things like paying off debts, giving up trade secrets, or even committing identity theft. Or hackers might exploit that stolen data to inflict physical harm on people or institutions. Cybermonsters take advantage of the fact that many companies store large amounts of customer data online, employees, and business parties. In a data breach, they can find out a person's name, address, phone numbers, email addresses, social security numbers, credit card numbers, driver's licenses, passports, tax ID, medical records, bank account information, and much more. This type of information is known as Personally Identifiable Information (PII). PII is considered one of the most valuable commodities on the internet because it allows potential buyers to build detailed profiles of consumers, allowing them to market products and services specifically to those people. Once hackers have gained access to a database containing PII, they can do a lot of damage. For example, they can use the information to impersonate real people and send phishing emails to unsuspecting employees, tricking them into revealing login credentials. Hackers can also use the information to make fraudulent purchases or withdraw money directly from a victim's bank accounts. In some cases, criminals may try to alter the PII, change the names associated with the data or add fake identities to the list. Here are some examples of the types of data breaches and why they happen: 1. Stolen Information This occurs when someone uses another person's identity without permission. For example, a thief might use a victim's name, address, Social Security number, date of birth, and mother's maiden name to open fraudulent accounts in his/her/they name. I know many cases when family members are involved in this type of data breach because they are close to the person and know their habits. One example is Susan. She was struggling emotionally and financially. Susan decided to use her niece's social security information and personal data to sign up for questionable services that could render her some benefits. Sadly for her niece, it took years to reverse the damage. Stolen information could also happen in a business environment. For example, if a careless employee leaves sensitive information, their computer unlocked and visible, and someone steals it, compromising the organization and its intellectual property. 2. Identity theft Identity thieves or Cybermonsters obtain sensitive information about people and use it fraudulently. This includes stealing identities, opening fake bank accounts, applying for loans, and obtaining credit cards. Not every data breach results in identity theft, and not every identity theft is the same. One new form of fraud is Synthetic Identity theft which combines real information from a data breach with fake details to create a new identity. Children are a common target for this type of fraud because they have a clean social security number and credit history that normally remains unchecked until they reach adulthood. 3. Ransomware Ransomware is when you receive a message stating your computer or phone has been locked or encrypted. Then, the victim receives a ransom note demanding payment to get the information back. In many cases, Cybermonsters threaten the victims to release the data to pressure them, as it may affect other business partners, employees, or customers. One way to become a victim of ransomware is through phishing emails which involve sending email messages that look like they're coming from legitimate sources such as banks or credit card companies. Cybermonsters use this tactic to trick people into giving away their login credentials. What are the Top 5 most significant data breaches of all time? Know more... https://sandraestok.com/what-is-data-breach-and-why-does-it-matter-to-you/