In the past years, headlines like “Company Loses Millions From Recent Data Breach” have become more common than ever. Even major international brands like Yahoo!, Marriott International, Equifax, and many others have suffered the wrath of hackers looking to make a profit.
What is a data breach anyway, and why does it happen?
What Is a Data Breach?
Norton Security defines a data breach as a “security incident wherein critical information is accessed without the authorization” of the brand in question. Regardless of whether or not the data is released, it is still considered a data breach. Such incidences can hurt any business reputation.
What’s more, they can compromise the security of the victim’s clients in many ways.
What are the common reasons for data breaches?
The Top 3 Reasons Why Data Breaches Happen
Human Fault and Error
Data from a CompTIA study notes that 52% of data breaches are caused by human error. In a workplace wherein the employees are always online and in front of their computers, such occurrences are made even more likely. More often than not, the company fails to give them the proper training with regards to cybersecurity.
Some of the mistakes employees make that compromise data include using weak passwords, falling for phishing scams, disclosing sensitive information to others, and accidentally sending vital information to the wrong recipient. Companies can try to avoid data breaches by providing their employees with the right cybersecurity training.
Malware or malicious software is another primary suspect for data breaches. This form of virus constantly evolves with the help of hackers, making it undetectable by anti-virus programs. Using malware, hackers can access the database of a company to get all the important details they need. That is why it is crucial for companies to regularly update their software and operating systems.
Physical Theft or Shortcomings
Data breaches happen in the real world as well. Any stolen device such as a laptop, hard drive, or smartphone that contain sensitive data can cause a data breach. Even improperly disposed of documents can cause data breaches. According to a 2015 study by Verizon, 55% of physical thefts regarding data breaches happen in the workplace. On the other hand, 22% happen in an employee-owned car.
What Data Gets Stolen?
Hackers mostly steal data to make a profit. They can sell private information on the black market for quite a sum. Depending on what business the victim company is in, there are various types of data that could be stolen. In general, however, hackers aim at stealing names, bank account details, addresses, Social Security numbers, email addresses, physical addresses, and contact numbers.
The data is mostly sold on the black market and hackers get paid depending on what kind of data they sell. According to a study by Experian, the cheapest data for sale are Social Security numbers and non-financial institution logins, which are both $1. The most expensive data are passports, which could sell for somewhere between $1000 to $2000. Credit or debit card details, on the other hand, range from $5-110. It’s hard to imagine how much hackers would’ve made from Yahoo’s data breach that compromised the accounts of millions.
Aside from selling on the black market, hackers also use the data to commit fraud and identity theft. For this purpose, data such as medical and educational records are mostly used.
It’s apparent that data breaches are far more dangerous than what many would initially believe. That is why companies should take major steps to ensure such issues never happen, as it is something they may never eventually recover from.