What is Data Breach?
Data breach is an incident where sensitive, protected or confidential data has been taken from a system by an individual unauthorized to do so, without the knowledge of the system's operator/owner.
Data breach definition
Data breach is an incident where sensitive, protected or confidential data has been taken from a system by an individual unauthorized to do so, without the knowledge of the system's operator/owner. Data breaches are usually hacking or malware attacks.
The damage may involve financial loss and can degrade the company's name.
Data breach methods
- Insider leak where a trusted individual with access privileges steals the data.
- Payment card fraud where the card gets stolen by using physical skimming devices.
- Loss or theft where portable drives, laptops, office computers, files get lost or stolen.
- Unintended disclosure where sensitive data gets exposed through mistakes or negligence.
- Unknown where the actual breach method is unknown or undisclosed
Phases of a data breach
1. Research: The attacker looks for weaknesses in the target: employees, systems, networks,
2. Attack: network-based attack (through infrastructure) or a social attack (through network).
3. Exfiltrate: the attacker extracts the data he/she needs from the company’s infrastructure and uses it for either blackmail or black propaganda
Steps of precaution against dana breach
- Patching systems and networks accordingly
- Educating and enforcing the employees
- Implementing security measures
- Createing contingencies