A data breach is when sensitive information – whether it be personal data, corporate data or intellectual property – is exposed to the wrong people. A hacker may access this information through malware, phishing attacks, ransomware or other tactics to do things like steal payment card details, compromise data and sell it on the black market, sabotage operations or even commit identity theft. This can have a significant impact on the organization involved, often costing in fines, operational downtime and the loss of customer trust that is difficult to recover from.
Research has shown that up to a third of customers in retail, finance and healthcare will stop doing business with a company once they discover it’s been breached. This is a big hit on the reputation of the affected business and can also lead to legal action from affected individuals or regulatory bodies.
The data that’s leaked in a breach can be used to do everything from sign up for new bank accounts to commit tax identity fraud and credit card fraud. It can even be used to take control of a computer system and hold it hostage for financial gain.
When a data breach is discovered, it’s important to act quickly and begin the incident response process. This includes recording the time of identification, identifying the affected data and setting up a log of the investigation. This log should include information such as: who identified the breach, the time it was spotted, what happened, how it happened and the actions taken so far.