Data Breaches: What Are They and What to do When You Spot One?

Cybersecurity mishaps frequently appeared in news headlines during the past two years. Data breaches impacted critical infrastructure from companies such as Colonial Pipeline to hackers compromising healthcare records at UC San Diego Health. Despite the prevalence of the breach-centric news cycle, it is important to review what exactly a data breach is, how they typically start, and why they occur.

According to IBM, the average time it takes to identify a breach has occurred is 287 days, with the average time to contain a breach clocking in at 80 days. And with 81% of businesses experiencing a cyber-attack during COVID, it is essential we all familiarize ourselves with the anatomy of a data breach so that we keep our data safe, as well as that of our colleagues and customers. The following is helpful background information on data breaches and why they are problematic.

What is a data breach? According to Trend Micro's straight-forward explanation, a data breach is “an incident where information is stolen or taken from a system without the knowledge or authorization of the system's owner.” Although human error can result in data breaches, a vast majority of them result from cyber-attacks where a cyber-criminal gains unlawful access to sensitive system data.

What kind of data breaches are common? Unfortunately, cyber-criminals search for almost any information ranging from more obvious sensitive information, such as social security numbers and credit card information, to more obscure data like past purchase history.

What tactics execute data breaches? Cybercrime sophistication increases each day. However, effective cyberattack tactics do not always use cutting-edge or advanced tactics. Here are a few examples of popular tactics:

• Phishing: Phishing is when a cybercriminal impersonates a legitimate party in hopes of fooling an individual into providing access to personal information. Phishing is one of the oldest tricks but it remains highly effective. 80% of security incidents and 90% data breaches stem from phishing attempt success.
• Malware: Malware is malicious software that covertly installs on devices and quietly gains access to data on an individual's device or a business network. This tried-and-true method often happens when a user engages with imposter, malevolent links and content.
• Password attack: Through password attacks, cybercriminals intend to gain access to sensitive data and networks by way of “cracking” user passwords and then using these credentials to access networks and extract data.

How to spot a possible breach? The best way to stop a data breach is to prevent one.

1. Ensure passwords are long and complex.
2. Report suspicious emails.
3. If you suspect a breach, immediately notify your device/service provider; and follow subsequent protocols to help them scan, detect, and remediate any issues that exist.

^{Resources: The National Cyber Security Alliance, International Business Machines Corporation, Trend Micro Inc.}