A data breach happens when confidential or private information is shared with a party that’s not authorized to access it. This can be the result of accidental disclosure by an employee, loss or theft of unencrypted devices, or hacking into a system with software vulnerabilities. Cybercriminals can use a variety of tactics to gain entry to the data, including social engineering or phishing, spoofing attacks, or using malware.
A major source of data breaches is a company’s own employees. This can be the result of malicious intent (such as an angry or laid-off employee seeking to harm a firm) or simply a lack of security awareness and controls. Malicious outsiders, known as hackers, are another big problem. They can work individually or as part of a larger organized crime network. Financial gain is the primary motivation for many hackers, as they steal credit card numbers, bank accounts and other data that can drain funds from people or companies.
While prevention efforts reduce the number of breaches, they cannot completely eliminate them. When they do occur, the impact can be devastating. The damage to a company’s reputation and finances may be irreparable.
In addition, a breach can lead to legal obligations and fines. For example, US organizations subject to HIPAA must notify the Department of Health and Human Services, affected individuals and the media if individuals’ personal healthcare data has been compromised. State laws vary as to how quickly organizations must provide notifications and whether a risk of harm analysis is required.