As more and more data is being stored in various databases, it doesn’t come as a surprise that data breaches and leaks are getting more common as well. You don’t need to be an IT professional to know that data breaches are a big deal and can cause a lot of harm. Whenever a large data breach occurs, the media is sure to let people know what has happened. Especially if a lot of data has been stolen — or the target of the breach is a major organization.
Luckily, by being prepared and learning more, you can minimize the risk of becoming a victim of a data breach or a leak. In case a data breach still happens and confidential data gets into the wrong hands, there are some things you can do to prevent things from getting worse. First, let’s get the definitions straight.
A data breach happens when someone gets through security barriers and gains unauthorized access to a database. Naturally, this is done without the knowledge of the owner of the data. Because of this, data breaches are a form of cyber crime and thus are punishable by law.
On top of that, the data that is accessed, stolen or destroyed in a data breach is often sensitive and confidential in nature. Such data may include people’s financial information, medical records, passwords and other personal details. For individuals, the biggest threats posed by data breaches include account takeovers and identity theft done with the stolen information.
Criminals may also threaten companies and organizations after successfully carrying out a data breach. Both large and small businesses and organizations can become the targets of a security incident where data is stolen. The criminals often use the stolen data for blackmailing the companies whose data has been stolen. After becoming a victim of a data breach, the targeted company is threatened with the release of stolen information if they do not pay a ransom. However, this should not be confused with ransomware, a type of malware.
Now you know what a data breach is, but what about data leaks? These two terms are often used as synonyms, so it’s understandable to be confused. However, there are some differences between data breaches and data leaks. Although both data leaks and data breaches involve confidential data getting into the wrong hands, the way this data is obtained can be different.
Many data breaches and leaks have made their way into international news as the personal data of hundreds of thousands or even millions of individuals have been stolen. Here are a couple of well-known examples from recent history:
The Equifax data breach (2017)
What makes the Equifax data breach famous is both its size and the type of data that was compromised. Equifax is a large American consumer credit agency and the data breach against them compromised the information of more than 147 million American citizens as well as millions of people in Great Britain. The personal ID, credit card numbers and other highly confidential information of more than 200 000 Americans were stolen by the criminals. The Equifax data breach was traced back to a group of Chinese hackers.
Yahoo data breaches
Personally identifiable information of more than 3 billion Yahoo users was compromised in multiple data breaches that spanned several years. The Yahoo data breaches include two large incidents in 2013 and 2014 which were made public later in 2016. These data breaches account for the largest such security incident in the history of the internet, with affected individuals in several countries. The stolen data includes names, email addresses, telephone numbers, birth dates and more.
In addition to individuals whose data is being stored, both large and small companies need to take data breaches seriously. The consequences for businesses and organizations can be very serious if they become the victim of a data breach. According to a 2021 report by IBM, the average cost of a data breach was more than 4.2 million USD. In other words, the financial damage caused by a data breach is significant. On top of that, the harm to a business's reputation is great as a consequence of a data breach.
Businesses and organizations must also make a report within 72 hours of discovering the data breach in case the breach poses a risk to individuals. In more severe cases where the individuals whose data has been compromised are at risk, they should be informed personally by the data processor.
Luckily there are some things you can do to protect yourself against data breaches. Although you may not be in control of the databases where your sensitive data is stored, you can minimize the amount of information that databases have about you. This way you can limit what criminals can steal in a data breach. In case they steal your password, you can change it and prevent them from accessing your data with it.
These tips are ones that everyone should consider to protect themselves and their devices. The unfortunate fact about data breaches is that in many cases you are not the one in control of the stored data and thus cannot prevent a data breach from taking place yourself.
Has your personal information been exposed in a data leak? Check for free with F‑Secure Identity Theft Checker.
Identity theft is no small nuisance. Data stolen in a breach or leak can be used against you. For example, if your personal data has been compromised it can be used to make purchases in your name. The leaked personal information can also be used to impersonate you on social media.
F‑Secure ID PROTECTION helps you avoid identity theft. It comes with around-the-clock data breach monitoring as well as a password vault for easy logging in and storing your passwords. In case a data breach occurs and your personal data is compromised, ID PROTECTION alerts you. This gives you time to secure your personal information online and minimize risks. You will also receive advice from our cyber security experts.
Read more and try ID PROTECTION for free.