1. WHAT IS A DATA BREACH?

A data breach occurs when a cybercriminal successfully infiltrates a data source and
extracts sensitive information. This can be done physically by accessing a computer or
network to steal local files or by bypassing network security remotely. The latter is often
the method used to target companies. The following are the steps usually involved in a
typical a breach operation:

 Research: The cybercriminal looks for weaknesses in the company’s security

(people, systems, or network).
 Attack: The cybercriminal makes initial contact using either a network or social
attack.
 Network/Social attack: A network attack occurs when a cybercriminal uses
infrastructure, system, and application weaknesses to infiltrate an organization’s
network. Social attacks involve tricking or baiting employees into giving access to
the company’s network. An employee can be duped into giving his/her login
credentials or may be fooled into opening a malicious attachment.
 Exfiltration: Once the cybercriminal gets into one computer, he/she can then
attack the network and tunnel his/her way to confidential company data. Once the
hacker extracts the data, the attack is considered successful.

2. TYPES OF DATA BREACH CATEGORIES

Every day almost 7 million data records are compromised, with no organisation or sector
immune. Organisations are facing a war on data breaches, so it’s imperative that ‘know
your enemy’ becomes part of their battle tactics.
Data breaches come in various forms and sizes – not all incidents are caused by
sophisticated cyber attacks. To help you understand what your organisation is facing,
here’s a breakdown of some of the most common types of data breaches.
1|Page
 i. Employee negligence/error
Something as simple as including the wrong person in the Cc field of an email or
attaching the wrong document to an email could cause a data breach. We’re all guilty of
making mistakes – it’s human nature – but employees need to understand the most
important elements of information security, and non-technical staff need to be made
familiar with security awareness policies and procedures.

ii. Cyber attack/criminal hacker

The ways in which cyber criminals try to gain access to your systems are becoming more
sophisticated. Often it isn’t always obvious that an attack has taken place until significant
damage has been done. Cyber attacks can come in various forms, including denial of
service, malware and password attacks.

iii. Unauthorised access

Access controls are designed to stop certain information from being seen by the wrong
people. A breach of these controls means that someone has gained unauthorised access to
sensitive data, such as bank details stored by HR, or potentially compromised business
critical information.

iv. Physical theft/exposure

Although there is a lot of emphasis on the digital aspects of a data breach, physical
exposure or theft of data is an equally important threat that organisations must consider in
their security plans. This type of data breach can be caused by improper disposal of
sensitive information, or simply leaving a confidential document in plain sight.

v. Ransomware
Ransomware is a type of malicious program that demands payment after launching a
cyber attack on a computer system. If the organisation fails to comply with the extortion,
its essential data is destroyed, although there’s no guarantee that it will regain access to its
data even after paying up.

vi. Insider threat

Your employees know how your organisation operates, how vital information can be
accessed and the measures in place to protect it, which is why you should put in place
appropriate training and security protocols.

vii. Phishing
Emails are a common part of our daily lives, making them a
popular attack vector for cyber criminals. Crooks might
adopt the seemingly legitimate credentials of such
companies as insurers, banks, etc. to gain access to your
personal information by encouraging you to click an unsafe
link or download a malicious attachment.

2|Page
 3. COMMON TYPES OF DATA STOLEN
Cyber attacks have become a regular occurrence in the last
few years; in fact, you can’t turn the news on without some
mention of a business suffering an attack. Most attacks are
fuelled by criminals looking to steal valuable information,
but what type of information is being stolen?

According to a report by Veracode, the top 5 types of

information that are stolen are:

i. Payment Data
No surprises here of course. Card payment data is a very attractive form of information
for cyber criminals to steal. Card data provides quick access to money in multiples ways
such as siphoning the victims account, using their card for purchases or selling on the
black market.

Selling and purchasing card payment data online is terrifyingly easy, so easy in fact that
you could have bought several card details in the time it’s taken you to read this far.

ii. Authentication Details

Details that allow authorised access into online systems are very valuable on the black
market. Imagine the price tag on login credentials for the email address of a celebrity, or
the president of an international bank.

Unfortunately, humans are subjects to bad habits such as using the same password for
online accounts. So if cyber criminals manage to get hold of your Facebook password,
then they will most likely be able to login to any of your accounts.

iii. Copyrighted Material

Why would a cyber criminal pay for software when they could just steal it? With most
websites being vulnerable to attack, a cyber criminal could in theory steal any software
they fancy, costing organizations a large sum of money.

iv. Medical Records

Thieves could sell your stolen personal health information on the Internet black market,
use your credentials to obtain medical services and devices for themselves and others, or
bill insurance companies for phantom services in your name.

Medical ID theft is worse than financial identity theft, because there are fewer legal
protections for consumers. Many victims are forced to pay out of pocket for health
services obtained by the thieves, or risk losing their insurance and/or ruining their credit
ratings.

3|Page
 v. Classified Information
Depending on how you define classified, this could include information such as your
organization’s top secret product idea or the code for your security door. Either way, if
it’s labeled classified then you don’t want it to be in the hands of cyber criminals.

4. THE SCARY SIDE EFFECTS OF A CYBER BREACH

In addition to compromised security and the potential for fraudulent charges, data
breaches come with a variety of negative consequences.

i. Diminished reputation
A good reputation is often a company’s most prized asset as a business must work
constantly to build and maintain the integrity of its brand. However, one compromising
episode like a data breach can tarnish even the best of reputations. While every hack is
different and effects enterprises in various ways, companies that have been breached will
often say their reputation was negatively impacted.

Before the Internet, businesses may have been able to recover more quickly without
stories spreading at such a wide distribution in such a short amount of time. Today,
however, that is clearly not the case. News of a data breach travels far and wide, affecting
a company’s identity for customers around the world.

ii. Decreased competitive ability

Often, data hackers are interested in a business's proprietary information, including
customer lists, pricing strategies, and trade secrets. Once cybercriminals have this
information, they can effectively damage a company's competitiveness by providing these
materials to industry rivals or by exposing the information to the public. This effect is
heightened if the data breach is not discovered immediately and is allowed to continue for
weeks or months at a time.

iii. Lost customer trust

It’s a company’s responsibility to maintain client allegiance. Since loss of trust often
comes not from the breach itself, but from lack of follow-up after an incident, companies
must be transparent with affected customers. Enterprises should already have a
contingency plan in place and communicate it with consumers as soon as possible. The
more information businesses can share with clients, the better. This action will show
companies are not attempting to hide information and can maintain customer loyalty and
trust throughout the data breach aftermath.

iv. Reduced revenue

Once businesses are aware that their system has been infiltrated by an outsider, the most
common course of action is to stop operations until a solution is found. Companies have
to find the source of the data breach, especially if a particular network flaw allowed the
hacker to access sensitive information. With processes on shutdown to eradicate the
criminal activity, enterprises can lose revenue.

4|Page
 5. BIGGEST DATA BREACHES
It’s the top ten countdown no one wants to be on. Here’s our list of the 10 biggest data
breaches of all time. You may be able to guess many of the companies featured on this
list, but there might be a few surprises as well.

 Yahoo—again | 3 billion

 Marriott International | 500 million

 Yahoo | 500 million

 AdultFriendFinder | 412 million

 Myspace | 360 million

 Exactis | 340 million

 Under Armour | 150 million

 Equifax | 145.5 million

 eBay | 145 million

 LinkedIn | 117 million

6. WAYS TO PREVENT DATA AND SECURITY BREACHES

i. Legal Obligations
There are endless laws governing consumer privacy and data security, from the Payment
Card Industry Data Security Standard (PCI-DSS) to the Health Insurance Portability and
Accountability Act (HIPAA) and the new General Data Protection Regulation (GDPR).
ii. Develop a Data Security Policy
The best way to avoid being the victim of a breach is by prioritizing security through
various best practices, processes and procedures, and then detailing these in a policy.
Best practices often mentioned in policies include:

 Keep data transferring at a minimum. Only shift data from one device to another
if necessary. Removable media is easily lost, putting all the data on it at risk.
 Shred paper files always.

iii. Policy for Equipment Use

Decide if you’re going to provide company-owned devices and systems for employees to
use, or if “bring your own device” would work best for your situation.
No matter which route you take, make sure employees use a work-specific email. This
way, IT can monitor for anything fishy. Plus, once an employee leaves you can easily
remove them from the database and they can no longer access any confidential emails.

5|Page
 iv. Train and Educate
Training and educating staff is vital to keeping a company safe and relatively problem-
free. Experts advise classifying the different types of data on a scale and educating
employees on this new system.
v. Use Encryption
If you deal with private data regularly, encryption is vital. An encrypted document or
email can only be decoded with the associated key.
It helps you protect sensitive data wherever it is, even if a document is sent to the wrong
email or a work laptop is stolen and the data ends up in the wrong hands. If the
recipient doesn’t know the proper encryption key, they’ll be unable to access the data.
vi. User Authorization & Accessibility
It makes more sense to control data access right from the beginning than to hand it out
carelessly and try to take it back later. There’s no need for everyone to have access to
everything, so only give employees access to files that are necessary for them to complete
their jobs..
vii. Track Data & Monitor Use
Even though there’s a bit of an ethical battle about this, system monitoring might be a
great additional layer of security for your company.what files. They can follow sequences
of who saved or sent something and where.
viii. Regular Audits & Assessments
Perform vulnerability assessments once a month or even weekly. Regularly scan the
security controls and contents of every system in the network (internal and external) to
identify threats and be prepared for attacks.
ix. Backup Data
This step won’t necessarily prevent a data breach from happening, but it will make
repairing the damage much easier. Not all hackers want to steal your files to sell them,
trade them or use them for illegal activity. Some cybercriminals want to stir the pot by
deleting your data

7. REFERENCES

 https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/data-breach-
101
 http://www.brightonpittsfordagency.com/BPA/the-four-most-common-types-of-
data-breach/
 https://chiefexecutive.net/understanding-seven-types-data-breach/
 https://www.vantiv.com/vantage-point/safer-payments/data-breach-side-effects
 https://bigdata-madesimple.com/15-ways-to-prevent-data-security-breaches/

6|Page