Anatomy of a Data Breach
Arguably no phrase has dominated the tech world in the last 24 months more than the term "data breach." The past two years have been saturated by headlines of cybersecurity mishaps, from breaches that have impacted critical infrastructure like the Colonial Pipeline to hackers compromising healthcare records at UC San Diego Health. Yet, despite the prevalence of the breach-centric news cycle, many everyday individuals may not know what a data breach is, how they typically start, and why they occur.
According to IBM, the average time it takes to identify that a breach has occurred is 287 days, with the average time to contain a breach clocking in at 80 days. And with 81% of businesses experiencing a cyberattack during COVID, individuals must be familiar with the anatomy of a data breach to keep their data and their client's data safe.
With that in mind, here is some helpful background on data breaches and why they are so problematic.
What is a data breach?
While it may seem complex, a data breach is straightforward to explain once you clear away the jargon fog. According to Trend Micro, a data breach is "an incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner." And while data breaches can result from a system or human error, a vast majority of data breaches result from cyber attacks, where a cybercriminal gains unlawful access to sensitive system data. For example, 92% of the data breaches in Q1 2022 resulted from cyberattacks.
What kind of data can be breached?
Unfortunately, cybercriminals look to get their hands on any information they can, ranging from more sensitive information such as social security numbers and credit card information to more obscure data like past purchase history.
What are some of the tactics used to execute data breaches?
Cybercrime is getting more sophisticated each day. However, cyberattack tactics do not have to be cutting-edge or advanced to be effective. Here are a few examples of popular tactics used by cybercriminals:
- Phishing: Phishing is when a cybercriminal pretends to be a legitimate party in hopes of tricking an individual into giving them access to personal information. Phishing is one of the oldest tricks in the book for cybercriminals, but it is just as effective as ever. For example, 80% of security incidents and 90% of data breaches stem from phishing attempts.
- Malware: Another tried-and-true method for cybercriminals is malware. Malware is malicious software that secretly installs itself on devices – often by a user engaging with fake links and content – and quietly gains access to the data on an individual's device or a business network.
- Password Attack: Through password attacks, cybercriminals seek access to sensitive data and networks by "cracking" user passwords and using these credentials to get into networks and extract data from a given network.
The best way to stop a data breach is to stop it before it even starts. This includes taking steps from making sure passwords are long and complex to reporting all suspicious emails. If you suspect you have been the victim of a breach, immediately contact your IT department or device provider to notify them and follow subsequent protocols to help them scan, detect, and remediate any issues.
For more information on protecting your data, your client’s and your family, visit our Cybersecurity page.