What are Data Breaches?
Data breaches are security incidents where sensitive or confidential information, including personal and corporate data, is accessed by unauthorized parties. They have become one of the most common security incidents, driven by advances in technology and in cyber attacks as well as the sheer amount of information now stored in digital form. Some examples of the data stolen during a data breach are:
- Medical data history
- Financial data
- Trade Secrets
- Personal Identification Information
- Intellectual Information
Damages Caused by Data Breaches
The amount of harm a data breach can cause is substantial. Lives can be ruined depending on how the stolen information is used. Targeted organizations lose customer trust and may suffer ruined reputations, with some losing customers entirely as a result. However, one of the biggest damages all data breaches cause is the cost to recover from them.
According to IBM’s Cost of a Data Breach report for 2024, the global average cost of a data breach was $4.88 million, with the average cost in the United States being $9.36 million. The severity of the breaches and the costs can vary. Highly regulated fields like healthcare and finance face more severe consequences because of how sensitive the data being handled is, as well as the steep fines and penalties that come with it. The four main factors of these data breach costs are lost business, detection and containment, post-breach response, and notification. IBM reports that the average cost for each was:
- Lost Business – $1.47 million
- Detection and Containment – $1.63 million
- Post-Breach Response – $1.35 million
- Notification – $430,000
While notification is the lowest of the costs, reporting is still a time-consuming and heavy process to undertake. Organizations are required by law to report, with each state having its own notification laws and specific fields having set time periods for reports. For example, the US Cyber Incident Reporting for Critical Infrastructure Act of 2022 requires organizations in national security, finance, and other cybersecurity industries to report within 72 hours to the Department of Homeland Security if a data breach occurs.
How Do Data Breaches Occur?
There are several ways a data breach can occur, all exploiting weaknesses in users and systems:
- Accidental internal breach – an employee gains access to another employee’s information without authorization.
- Physical loss of a device – devices with sensitive information are damaged or stolen.
- Cybercrime – intentional targeted attacks to steal information.
- Intentional internal breach – an employee gains access to unauthorized information with the intent to cause harm by sharing it with unauthorized parties.
According to IBM, intentional breaches follow a basic pattern. It begins with research into the targeted system, in which the attacker searches for any weaknesses that can be used to get in. Then the attack itself begins, through things such as phishing, exploiting system vulnerabilities, or using stolen login credentials to take over an account. Once inside, the attacker takes the data it wants and decides whether to sell it, destroy it, or lock it up for ransom.
Defending Against Data Breaches
It is essential that prevention practices are put in place to limit the number of potential vulnerabilities in systems. Additionally, it is important to respond quickly in the event of a data breach in order to mitigate damages. Here are some of the most effective ways to defend against data breaches:
- Making sure all software is up to date, regularly checking for patches and updates.
- Conducting vulnerability testing.
- Having strong antivirus protection.
- Encrypting data on local networks, cloud services, and remote offices using VPNs.
- Education and training of staff on the best cybersecurity practices.
- Giving employees only the least amount of permissions and rights needed to complete their work.
- Having an Incident Response Plan formally prepared and implemented in the event of a data breach.