1. What is a data breach?
A data breach is an incident in which sensitive and private information is accessed by attackers through stolen hardware devices, hacking, etc.
A data breach is usually the result of data lost or stolen through computers, hard drives, storage devices such as pen drives, etc., and is also known by names such as ‘security breach’, ‘data spill’ or ‘data leak’. The sensitive information stolen in a data breach may include Personally Identifiable Information (PII), Personal Health Information (PHI), financial information, etc. of several individuals.
According to Privacy Rights Clearinghouse, a non-profit consumer organisation, 227,052,199 records containing sensitive information were stolen in data breaches between January 2005 and May 2008 in the United States.
A major data breach case involved Jason Smathers, a resident of Harpers Ferry, West Virginia, who stole 92 million screen names and e-mail addresses and sold them to spammers, who then sent approximately 7 billion unsolicited e-mails.
Another data breach case which affected the U.S. military involved the loss of 76 million records due to lost or stolen data.
2. How does a data breach occur?
A data breach can occur due to the following reasons:
• One of the key reasons for a data breach is the loss of laptops, computers, and storage devices such as hard disk drives, pen drives, etc.
• A data breach can also occur as a result of criminal activity targeting a company’s private information.
• Careless disposal of documents and papers containing sensitive information can also lead to a security breach.
• Unapproved sharing of information via email and public websites can also be harmful.
• Unauthorised access (hacking) to networks, social engineering attacks, and other IT-related anomalies are also very common causes of a data breach.
• If an employee discloses the company’s private information to outsiders without permission, it can lead to a data breach.
• A company may provide sensitive information to the wrong person by mistake, leading to a data breach.
According to a report, the major causes of data security breaches in a company include the people working inside the company.
3. What are the risks posed by a data breach?
The risks posed by a data breach vary widely, but mostly it leads to huge losses for a person or a company. A data breach can cause serious financial damage to both the individual and the company due to the loss of data.
Data breaches are mostly large-scale, leading to huge losses. But sometimes they can also occur if an unauthorised person acquires the medical information of an individual by peeking over a computer record or a file. This type of data breach is known as a medical data breach.
4. What are the consequences of a data breach?
For the victim:
The consequences of a data breach can be very unpredictable. Although most data breach cases lead to identity theft or other serious consequences for the employees in the company, in most cases there is no lasting damage.
For the criminal:
If a data breach leads to identity theft or government violation, then the criminal may face criminal prosecution and/or fines.
5. How can we prevent data breaches?
To prevent data breaches, various guidelines and regulations are required for protecting sensitive and personal data. Companies are required to take appropriate steps to protect the information from loss, theft, modification, unauthorised access, etc.
• Appropriate security measures should be employed within the company to protect sensitive data. Security should be applied not only in the IT department but everywhere, including the entry and exit of employees, and the data storage practices of employees should be watched.
• Employees should be educated in the proper handling and storage of data.
• A data theft protection plan should be established by the company, and employees should be made aware of this plan and of what to do in case of a data breach.
• The data should be minimised so as to prevent its loss. (Store useful information only and discard other information; store the data in very few places, which are secure.)
• Conduct periodic risk assessments through internal audits and external resources.
There are many types of theft that can happen to anybody, and the victim will not be able to identify the exact culprit for years. The common threats are “Phishing” and “Skimming”, which involve a loss of valuable information along with the loss of millions in money.
6. What to do if a data breach occurs?
A data breach response plan should be implemented by the victim. There is no single way of reacting to a data breach. Each and every breach needs to be dealt with in a different manner.
Take the following steps:
• Conduct a preliminary assessment and try to limit the consequences of the data breach by taking appropriate steps involving the data breach protection plan.
• Assess the risks associated with the data breach by considering the type of information lost, cause of the breach, and consequences of the breach.
• Decide whether to notify the affected people. It may seem that breach notification is very important in any data breach, but this is not true. Notification is an important step, but it is not always required. Providing notification about data that carries low risk can lead to excessive concern among the people. On the other hand, in the case of high-risk data breaches, individuals must be notified.
• Develop a plan to prevent data breaches in the future.