What Is a Data Breach Anyway?

Data breaches do not discriminate, but a few things are certain: they are destructive, they are expensive, and they can wreck a company and brand.

A quick Web search of the term “data breach” will yield plenty of results, mostly headlines from around the globe about some big company being the victim of stolen data. We hear of data breaches happening frequently, but do you know exactly what a data breach is and how they happen?

The truest definition of a data breach is “…an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.”

Essentially, data breaches are terrible and despite our great leaps in technology security, they still happen every day.

In 2013, retail giant Target was the victim of a large-scale data attack, which exposed 40 million debit and credit card accounts. In 2014, Sally Beauty Supply revealed an attempted breach, as well as Sears, and even the likes of Kickstarter, the University of Maryland, and Smucker’s.

Data breaches do not discriminate, but a few things are certain: they are destructive, they are expensive, and they can wreck a company and brand. Symantec and the Ponemon Institute estimated in an analysis that the average total cost of a data breach is nearly $200 per record affected.

There are a few reasons why data breaches happen, but the crux of the issue is someone, somewhere, wants access to personal data, usually for personal information that can be used for purchases, credit accounts, and more. Hackers also rely on other sensitive information—name, email, address, or social security numbers, — for selling purposes to turn a profit.

Data breaches are caused by a myriad of actions, but the top reasons include weak and stolen credentials, back door application vulnerabilities, negligent employees, external theft, and improper disposal of data.

While the best defense is a good offense, in this situation it’s hard to take preventative action before it hits you. Data breaches are silent attacks, which is why relying on the latest security features, whether for merchant accounting and computing, or storing data, can help to mitigate these risks.

Properly disposing data is another sure-fire way to prevent a data breach, and here at Legal Shred we do more than destroy old documents. We also offer hard drive destruction services through the use of our shredders. Data is impossible to retrieve once it has been pulverized through our shredding trucks.

 

Data Breaches

document shredding