What Are Data Breaches?
There is a huge amount of personal data currently stored online – whenever you shop, make an application or create an account you are handing over information to an organisation you can hopefully trust. But, how secure is that information? What happens if it is stolen? Below we look at what happens when an organisation has sensitive data stolen, in what is known as a ‘data breach’.
What is a Data Breach?
A data breach occurs when sensitive or confidential data is accessed by a party who is not authorised to do so. This data can include things such as passwords, credit card numbers, health records or addresses. Data breaches can range in size from millions of records being lost to a single individual viewing information they should have not seen.
Data breaches have grown in frequency over the past decade as the sheer amount of information stored online has grown exponentially. A data breach may not always lead to criminal activity, but there can be other ramifications for the individuals whose information has been lost.
How Do Data Breaches Happen?
Data breaches can often conjure up images of hackers in a far-flung country gaining access to a private computer network and downloading huge amounts of information to use for nefarious purposes. Although this does happen, there are also more mundane occurrences that can lead to a data breach. For example, an employee of a company leaving a laptop on a train or an email containing sensitive files being sent to the wrong address.
According to the 2016 Data Breach Investigations Report produced by Verizon, “63% of confirmed data breaches involved weak, default or stolen passwords”. This is the most common way hackers gain access to a system, either by using software to guess a password, using ‘phishing’ techniques or installing software designed to record sensitive information – known as ‘malware’.
There may also be vulnerabilities in an organisation’s technology that allow cybercriminals to gain access or insert spying software. In some scenarios, data breaches may also be intentional and caused by a disgruntled ex-employee looking for revenge or someone who is motivated by politics or espionage.
Who is Affected by Data Breaches?
The impact of a data breach on consumers depends very much on the information that is released. Sometimes it may be financial information such as bank account details or credit card numbers, which could be used directly by fraudsters. If passwords or email addresses are leaked, it may just require users to change passwords, although it could also be used in a phishing attempt to gather more valuable information.
Sometimes the data that is released may not be used for criminal means, but can result in embarrassing or difficult situations for the consumers affected. Revelations about an individual’s health, their dating life or political affiliation may have an impact on their relationships or their career.
The biggest impact of a data breach can often be on the organisations losing the data. As well as affecting the confidence consumers have in that organisation, a data breach can also cost a company dearly in lost revenue. This is why it is crucial for organisations, commercial or otherwise, to ensure their protocols are up-to-date and in line with best practice.
How Can You Protect Your Data?
Handing your data over to a company involves a certain level of trust and you will usually have to rely on that organisation following best practice when it comes to securing your data. However, there are steps you can take as an individual to reduce your chances of becoming a victim of identity fraud. It’s important to ensure that you only give information to reputable companies that you feel you can trust, this is not fool-proof as many big companies suffer data breaches, but as a general rule do not risk handing over sensitive data unless you feel confident about doing so.
You should also make sure to change your password regularly and do not use the same password for many different accounts. If one password is lost in a data breach, it could then be used to access multiple accounts, especially if combined with other data like email addresses or security-question answers.
Remember not to store sensitive information on your computer or to share this kind of data on open social media networks. Fraudsters will often gather small pieces of data from different sources, so a password from a data breach combined with details from your Facebook account could prove incredibly valuable to a criminal.
If you are worried about the security of your personal data, your Equifax Credit Report & Score (which is free for the first 30 days then £14.95 monthly) includes WebDetect, which alerts you if we find your personal data on websites used by fraudsters.
- Online Fraud Terminology
- What is anonymous browsing?
- Distributed Denial of Service explained
- How secure is your email?
- Identity theft and fraud explained
- Financial fraud explained
- Best practices for avoiding identity theft
- Stay safe online: Creating a secure password
- Scam avoidance: A few ways to help stay secure
- Are smart gadgets putting you at risk of identity theft?
- Helping your children stay safe online
- Should you share your location on social media?
- Safeguard your personal information on video game consoles
- Would you do internet banking on your smart TV?
- How fraudsters use Wi-Fi hotspots to steal data
- How to avoid email fraud
- Preventing your child’s identity from being stolen
- Keeping your personal information secure when moving home
- Protect yourself from becoming a victim of SMS phishing
- Protect against identity theft when sharing photos online
- Safeguard your identity on mobile apps
- Your social media profile and identity theft
- What is credit card fraud – can you prevent it from happening to you?
- How fraudsters can hijack your browser
- Safeguard your identity on Facebook and other social media sites
- Going on holiday - keeping your identity safe
- How to prevent smartphone identity theft
- Shopping online – staying safe against identity theft
- How to spot and avoid romance scams
- Facial recognition and identity risk
- Dealing with phishing phone scams
- How cyber attacks happen
- Safer Internet Day – protecting children online
- 7 Signs of Identity Theft
- How to avoid contactless card fraud
- How to Spot a Phishing Email
- ID Fraud Overview
- How Financial Crimes Are Hidden in The Dark Web
- How much do you know about the Dark Web?
- Are you losing your identity?