DATA BREACH: A Comprehensive Overview

DATA BREACH
A data breach occurs when sensitive, protected, or confidential information is accessed, disclosed, or
stolen by an unauthorized party. This includes hacking, malware, theft of physical devices that contain
data, malware etc.
NOTABLE DATA BREACHES-
Facebook, 2021—One of the most infamous breaches in modern history this exposed the personal
information of more than 533 million Facebook users to hackers, in which included real names, date
of birth, current city, and posts posted on Facebook. Some other cases include the following-

 Yahoo! Data Breach, 2013.

 First American Corporation Data Breach.
 2019 Marriott International Data Breach, 2018.
HOW DOES IT HAPPEN

 CYBER ATTACKS- When there is a presence of weakness or loopholes in operating

systems and software, they gain unauthorized access to sensitive information. Another way in
which cybercriminals get hold of sensitive information is through sending deceptive emails,
messages with dangerous links. This is a very common form of cyberattack also known as
phishing attack which tricks individuals and organizations into revealing login credentials.
 INSIDER THREATS- Apart from attacks from outside, there are also cases where
employees may intentionally or unintentionally leak sensitive data or provide unauthorized
access to malicious bodies.
 THEFT OR LOSSES- When physical devices such as laptops, computers and storage
devices which contain crucial files and data are stolen and if the data on the stolen devices is
not encrypted, it can be easily accessed by the thief, potentially leading to a data breach.
 WEAK AUTHETICATION- When users or organizations use weak passwords or reuse
passwords it allows for cyberattacks to brute force passwords leading to breaches. Weak
authentication also refers to the use of inadequate or easily compromised methods for
verifying the identity of users accessing systems, applications, or data.

THE NEGATIVE CONSEQUENCES OF A DATA BREACH-

1. FINANCIAL LOSS- According to the IBM Cost of Data Breach report, the average cost of a
data breach in the US is $4.24 million. The first and foremost damage that a data breach
causes to individuals or businesses is financial loss. This covers the financial resources
required in identifying and investigating the cause of the breach to employing measures to
mitigate it.

2. LONG TERM DAMAGE TO REPUTATION- Data breaches result in a huge decrease in

revenue due to loss of confidence from customers and clients. The violation of privacy leads
to long term reputational damage that many organizations take a lot of time and resources to
recover from fully. It paints a bad image of a business, the failure to protect the privacy of
their customers.
 3. REPARATION THROUGH FINES AND LEGAL FEES - Individuals or parties may be
required to pay heavy fines for violating regulatory laws with respect to data protection. In
some case one can avoid paying fines if they are able to prove compliance despite a security
breach. However, in many cases, individuals and organizations are required to pay huge
amounts of fines, even in millions of dollars. Failure to pay fines leads to severe penalties.

4. HUGE LOSS OF REVENUE-According to IBM for small- and medium-sized businesses

(SMB), 60% of these companies shut down within six months of the attack. While bigger
organizations are not forced to shut down, too are not exempted from the damages. There are
financial costs, which Ponemon Institute and IBM determined an average of $4.24 million,
with 38% of that total coming from lost business.

5. LOSS OF CUSTOMERS- In the aftermath of a data breach, customers mostly abandon

their alliances with the existing companies and would rather take their data somewhere else
where it is protected and safe. This causes customer and clients to withdraw their support thus
decreasing the revenue of the company. Another notable point is the decrease in employee’s
morale and confidence due to a breach which results in retention issues.

PREVENTIVE STRATEGIES-
With businesses small or large investing in cybersecurity to prevent a breach from taking place, here
is a compilation of steps that can be taken to prevent an event from occurring in the first place.
1. PREVENTING NETWORK COMPROMISE- The first and foremost step to
preventing a breach is by making sure that a cybercriminal cannot enter the network of a
organization. If this measure is implemented, it dismantles any further compromise from
taking place. This includes implementing strong password policies, limiting access of
privileged information, securing the network perimeter through firewalls, intrusion
detection systems and a compact access control list.
2. MAINTAINING SECURE ENDPOINTS- Encrypting data both at rest and in transit is
crucial in preventing unauthorized access. Measures which can be taken up are- MFA
( Multi-factor Authentication) which makes users go through layers of authentication
before gaining access to endpoints, EDR (End-point Detection and Response) this
includes analyzing activities in real-time thereby allowing early detection and response to
suspicious activity.
3. LIMITING PRIVILEGED ACCESS- Granting privileged access to employees and
contractors should be a big no for any business. The risk of mishandling data
Intentionally or unintentionally, whether it is in a hurry, or an oversight is extremely huge.
Thus, it’s imperative for organizations to implement strong access policies and lay down
the rules and regulations and make sure that all employees, clients, and vendors follow
the same.
4. REGULAR TRAINING- It is important for employers to recognize their employees as
the first line of defense in a cyber security attack. It is important to train employees so
that they can recognize and respond to breaches firsthand. This can be done through
organizing workshops and training programs on identifying phishing emails, handling of
sensitive information, cybersecurity exercises and so on.
 5. FOLLOWING A STRICT UPDATE SYSTEM- Regular patching and updating of
software systems should be a must to limit exploitation. A patch system helps identify
threats regularly and helps in deploying security measures to eliminate them. A
continuous and streamlined operation should be in place to stay up to date with software
updates and to be informed about emerging threats and vulnerabilities.
CONCLUSION-
To conclude, data breach prevention requires a comprehensive model approach that includes technical
controls, strategies, and training. The implementation of the above-mentioned strategies is crucial but
the continuous reassessment and updating of these strategies is equally important. On top of this,
creating a culture of vigilance and cybersecurity awareness plays in the favor of maintaining a strong
defense against cybercriminals.