We hear about data breaches all the time and there were a few big ones in 2017. But not everyone knows the significance of data breaches. If you're wondering what exactly "data breaches" are and what effect it has on your privacy and security, read on to find out what is meant by a data breach and its impact on internet users ( you).
"Data Breach" isn't one of those vague terms whose meaning you can't guess from their etymology, but it's always good to define a key term, just to make sure it's clear for everyone. So, according to Wikipedia, “A data breach is a security incident in which sensitive, protected, or confidential data is copied, transmitted, accessed, stolen, or used by an unauthorized person. Data breaches may involve financial information such as credit card or bank details, personal health information (PHI), personally identifiable information (PII), company trade secrets or intellectual property. "
In short, a data breach means that your confidential data is now accessible by third parties (likely a hacker) who can then use it for their own benefit (and damage yours along the way).
There are different scenarios for a data breach incident to occur. When you hear of a data breach your first thought is probably hackers breaking into a company's network from the outside and stealing data, but in reality a fairly common and more damaging scenario for a breach of data is when insiders, i.e. employees of the company, are involved.
In the case of insiders, they simply copy or transmit the data to someone outside the organization, who then uses it for their own benefit. Depending on the rank of the insider and their data access privileges, the compromised data varies in nature. Lost employee devices containing sensitive data are also an example of an insider data breach.
In the second case, when hackers penetrate a company's network from the outside, data breaches occur due to a security vulnerability. The means here are more diverse – from a direct attack, to a virus attached to a message, to phishing and sniffing. In other words, if a company's network isn't properly secured, hackers can find their way around, often without much effort.
Due to the tangible nature of data, it is very difficult to detect a data breach and that is why many incidents go unnoticed and unreported. But even those that are reported number in the dozens a year. Not all of these incidents involve critical information, i.e. financial data or medical records, but basically there are at least 5 major incidents per year involving the theft of truly sensitive data from millions of people. 'users.
Since data breaches can be so devastating to an ordinary user, you may be wondering what you can do to protect yourself from damage caused by data breaches. Unfortunately, once you've given your data to a third party, there's not much you can do except hope they have strong data protection rules, good security, and loyal employees in place. P>
What you can do is research the company's security policy before creating an account and giving your data to the company, especially if you provide your credit card details. For example, if you are worried about your email security, you can switch to email providers that provide secure email services.
Probably the only thing you can do after a data breach is to change your password immediately. Not only the password for this hacked account, but also any other account using the same email/password combination. It won't restore stolen data, but it may prevent further damage – not much, but more than nothing.
Data breaches are scary and they could be really damaging. Companies do a lot to prevent data breaches and minimize the damage in the event of a data breach. However, the sad truth is that you can never be sure that a data breach won't happen, and some companies won't tell you when their servers are hacked. Just pray that you don't suffer a major data breach of your truly sensitive information – unfortunately that's the only thing you can do as a user.