Table of Contents:
What is a data breach?
A data breach occurs when someone gains unauthorized access to a computer system’s sensitive, protected and/or confidential information and has been viewed, stolen or used illegally. Breaches can happen anywhere, and it’s important to know what to do if you are affected by a data breach.
The Identity Theft Resource Center reports that, in 2014, there were 783 reported data breaches in the U.S.; this is a 23 percent increase from 2013. These attacks compromised 85 million sensitive records.
From 2005 to 2014, an estimated 625 million sensitive records have been leaked in data breaches. Some of these records have been used to commit identity theft and fraud against the exposed victims.
Definitions of Breach Terms
Before we continue discussing data breaches, we need to understand the different types of breaches and the various ways that these breaches can occur. Data breaches can be broken down into five categories:
- Business: a breach that occurs within a business or organization (ex: grocery stores, retailers, etc.)
- Financial: a breach that occurs within a financial corporation (ex: banks, credit card companies, etc.)
- Educational: a breach that occurs within an educational institution (ex: universities, high schools, etc.)
- Government/military: a breach that occurs within a government or military based facility (ex: police departments, military bases, etc.)
- Medical/health care: a breach that occurs within a medical institution or health care company (hospitals, pharmacies, etc.)
*Read more for a data breach compilation using these five categories here.
Breaches can occur in the following ways:
- Insider theft: exposure of information as a result of theft orchestrated by an individual within the institution such as an employee or staff member (either former or current)
- Hacking: exposure of information as a result of a targeted attack executed through unauthorized access of a computer or network
- Data on the move: exposure of information due to transporting or moving of information and information containers (computers, folders, hard drives, etc.) from where they are normally kept
- Third party/subcontractor error: unintended exposure of information as a result of a third party or subcontractor
- Employee error: unintended exposure of information as a result of an error made by an employee
- Accidental Internet exposure: exposure of information as a result of unintended access to the Internet
- Physical theft: exposure of information due to physical theft of information and/or information containers (computers, folders, hard drives, etc.)
Analysis of Breach Terms
How do data breaches happen?
As we just read, data breaches can occur in various types of institutions in a number of ways. While some breaches are purely accidental, it doesn’t change the fact that your information could be at risk after a breach. Let’s take a closer look at four of the most common ways that data breaches occur.
A company’s data system is like a gold mine for hackers. Hackers find vulnerable areas of a specific computer system or network to gain access to its information. Personally identifiable information (PII) can be more valuable than money and can be sold on the black market for a high price. Hackers can also use your PII to create credit card accounts, apply for jobs and receive tax refunds. (Learn more about identity theft and identity fraud)
Breaches can be accidents. In the case of employee error, the data breach may not have any specific motivation, but occurs when an employee is tricked into unknowingly allowing access to a company’s secured data through phishing emails or deceptive websites. Employees may accidentally provide sensitive information about the company’s data servers on a fraudulent website or download malware that intercepts data entered or stored on the computer.
Third Party Errors
Sometimes a breach can occur due to error of a company’s supplier, again purely accidental, when sensitive data is inappropriately processed or shipped. This can result in exposure of this information to unauthorized sources. Information can also be at risk when vendors do not properly delete user information.
Theft and Loss
Data breaches can also happen by merely leaving a phone on a table in a restaurant or a thief breaking into a car and stealing a laptop. Exposure of confidential information can happen simply by theft and loss of PCs, tablets, laptops, USB storage devices and smartphones that store sensitive information.
Applying the Breach Terms
Visit the Breach News section to stay updated on the latest breaches.
Can you prevent a data breach?
Unfortunately, there is no way that you, as a consumer, can prevent a data breach from happening. However, you can decrease the chance of your information being misused by knowing what to do if a breach does happen.
What should I do if a data breach happens?
Let’s take a look at a few steps you should take if you think you’ve been affected by a data breach:
- Stay updated. It’s important to know which company was affected, what type of information was compromised and how many people were affected and the time period of the breach (if pertinent). Knowing this information can help determine whether or not your information is at risk.
- Check for breach notifications. Companies are required to notify consumers that could have been affected by a data breach in most states. Watch for letters, emails or other types of notifications alerting you that your information may have been compromised.
- Monitor your credit/debit cards closely. If there is a chance that your credit or debit card information was stolen, keep an eye on your bank statements for unauthorized activity.
- Communicate with your bank. If you notice any unauthorized activity on your cards, call your bank to file a claim for fraud.
- Consider EZShield Fraud Protection. With EZShield, you have access to resolution specialists that will help secure your information and work with you if your information becomes compromised by a data breach.