An article from Malwarebytes regarding data breaches
What is a data breach?
The Malwarebytes Labs blog called 2018 the year of the data breach. What a year it was. The list of companies that were hacked by cybercriminals reads like a who’s who list of the world’s biggest tech companies, retailers, and hospitality providers—and that’s only the data breaches that we know about. In many instances, an organization or company won’t even know they’ve been breached until years later. According to the Ponemon Institute’s 2018 Cost of a Data Breach study, a data breach goes undiscovered for an average of 197 days. It takes another 69 days to remediate the data breach. By the time the security failure is discovered and fixed, the damage is already done. The criminals responsible will have enjoyed unfettered access to databases full of valuable data—your valuable data. Not to mention the data of hundreds of millions of people like you who had the bad luck of doing business with a company that got hacked.
Unlike most of the other topics we’ve covered under Cybersecurity Basics, a data breach isn’t a threat or attack in its own right. Rather, a data breach comes as a result of a cyberattack that allows cybercriminals to gain unauthorized access to a computer system or network and steal the private, sensitive, or confidential personal and financial data of the customers or users contained within. Common cyberattacks used in data breaches include the following:
With most data breaches, cybercriminals want to steal names, email addresses, usernames, passwords, and credit card numbers. Though cybercriminals will steal any data that can be sold, used to breach other accounts, steal your identity, or make fraudulent purchases with.
In some instances, hackers want to steal your data just to prove that they can. This was the case in the 2015 VTech data breach, in which the data on 5 million adults and 200,000 children was compromised. The hacker responsible claimed they had no plans for the data and did not share it with anyone. Honor among thieves, right?