Understanding the Impact of a Data Breach
Though people have reached a seeming point of desensitization to news citing a data breach, protecting user data has become increasingly important amid stricter regulation implementation. Companies are no longer just required to announce that their systems have been breached but also pay fines that can reach up to 4 percent of their annual turnover should they deal with the data belonging to European Union (EU) citizens in accordance with the General Data Protection Regulation (GDPR) requirements.
Just this year, big names such as Macy’s, Bloomingdale’s, and Reddit have joined the ever-growing list of breach victims. Compromised data is a subject that needs the public’s full attention. Data breaches can result in the loss of millions, even billions, of private records and sensitive data, affecting not just the breached organization, but also everyone whose personal information may have been stolen.
What is a data breach?
A data breach occurs when a cybercriminal successfully infiltrates a data source and extracts sensitive information. This can be done physically by accessing a computer or network to steal local files or by bypassing network security remotely. The latter is often the method used to target companies. The following are the steps usually involved in a typical a breach operation:
- Research: The cybercriminal looks for weaknesses in the company’s security (people, systems, or network).
- Attack: The cybercriminal makes initial contact using either a network or social attack.
- Network/Social attack: A network attack occurs when a cybercriminal uses infrastructure, system, and application weaknesses to infiltrate an organization’s network. Social attacks involve tricking or baiting employees into giving access to the company’s network. An employee can be duped into giving his/her login credentials or may be fooled into opening a malicious attachment.
- Exfiltration: Once the cybercriminal gets into one computer, he/she can then attack the network and tunnel his/her way to confidential company data. Once the hacker extracts the data, the attack is considered successful.
What are the biggest breaches to date?
The following table shows the 10 biggest breach incidents reported to date:
What types of data are usually stolen?
The motive of a cybercriminal defines what company he/she will attack. Different sources yield different information. Based on the data stolen, here are specific types of information that are of value to cybercriminals. Hackers search for these data because they can be used to make money by duplicating credit cards, and using personal information for fraud, identity theft, and even blackmail. They can also be sold in bulk in Deep Web marketplaces.
- Member name
- Date of birth
- Social Security number
- Member identification number
- Email address
- Mailing and/or physical address
- Telephone number
- Banking account number
- Clinical information
- Claims information
End users are almost never the target of cybercriminals who are out to steal sensitive information in bulk, unless an individual is connected to an industry (see Spear Phishing). However, end users can be affected when their records were part of the information stolen from big companies. In such cases, it is best to take note of the following practices.
- Notify your bank. Verify your account details and change PIN codes.
- Double-check email addresses from incoming emails. Cybercriminals can pose as bank representatives and ask for credentials.
- Do not click suspicious-looking links or download files from unknown sources.
- If credentials or financials have been tampered with, contact the breached company and ask if they can assist in enrolling you to a fraud victim assistance program.
Cloud Synergy is available to assist you with developing a surefire business continuity plan! Keep your valuable business data safe, contact our certified solutions architects today to set up a free consultation.