A data breach is a computer security incident where confidential information is accessed by hackers deliberately or by interlopers accidentally. This can hurt businesses through loss of confidence by their customers and businesses can be fined if they have not taken due care of their customer data.
The largest examples of data breaches involve hundreds of millions of records of people’s data and sometimes this includes financial data or even passwords.
There is a website at https://haveibeenpwned.com/ which allows anyone to check if their data been released in a data breach. This currently shows more than 9 billion accounts involved in data breaches – clearly some people’s accounts have been accessed repeatedly.
The average cost to a business of a data breach is in millions of dollars although many are fairly small or even zero cost except for time wasted. That cost is made up of fines, restorative work needed on their systems, improvements to computer security, payment of damages to customers and loss of business.
Cybercrime is a profitable industry for attackers and continues to grow. Hackers look for information they can make use of – especially to sell to other criminals for identity fraud etc.
Most attacks that lead to data breaches take advantage of poorly built or maintained computer systems or finding people’s logins and password by simply guessing. Too many people still have obvious passwords or use words that are in the dictionary and hackers can run programmes to try every word in the dictionary as a password.
Some data breaches are highly sophisticated attacks by teams of hackers but many could simply be avoided by businesses having decent computer protection and keeping up to date with system patches.
For businesses that fail in their care of customer data there can be significant fines and some never recover from the reputational damage.
Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.