The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

What is Data Breach? Data Breaches visualization

Download Windows Speedup Tool to fix errors and make PC run faster

Any accidental or deliberate disclosure of confidential information to an unknown network is a Data Breach. The United States of America and most European countries account for an overwhelming majority of the significant data breaches. What’s more worrying is the rate at which data breaches are hitting and impacting businesses shows no signs of slowing.

What is Data Breach? Data Breaches visualization shows the recent ones

What is Data Breach & Types

In general, there are three types of data breaches. They are:

  1. Physical – It can also be referred to as ‘Corporate Espionage’ or efforts to obtain trade secrets by dishonest means, such as computer tapping.
  2. Electronic – unauthorized access to a system or network environment where data is processed, stored, or transmitted. Access can be obtained via web servers or websites to a system’s vulnerabilities through application-level attacks.
  3. Skimming is the capturing and recording of magnetic stripe data on the back of credit cards and debit cards. This process uses an external device which is sometimes installed on a merchant’s POS without their knowledge.

Recent Data Breach Incidents

Several incidents of data breaches resulted in the selected loss of 30,000 records in the recent past. You can find more information about it in the form of a visual representation on this website. It offers a beautiful & informative tour of the world’s most significant data breaches in recent years.

What is Data Breach

Some of the significant Data Breaches were:

Madison Square Garden Credit card data breach: Massive year-long credit card breach was reported at Madison Square at four of its venues in New York City. The breach compromised credit and debit cards used at concession stands.

Yahoo Email Accounts Hacking: The email giant discovered a major cyber attack when an unauthorized party broke into the accounts of Yahoo users via “forged ‘cookies'” – bits of code lying hidden in the user’s browser cache so that a website doesn’t require a login with every visit. The company claimed the breaches were “state-sponsored” and acknowledged that a hacker accessed proprietary code.

Anthem: In Feb 2015, D.O.B, member ID. The social security numbers and other related information of Anthem members, the second-largest health insurer in the US, were stolen. The medical data breach of the information held by Anthem Inc affected 80,000,000 users.

Brazzers Data breach: In September 2016, Hackers cracked adult site Brazzers, spilling details of over 8 lakh users. This included unique email addresses, user names, plaintext passwords, and more. Fortunately, most of the entries were duplicates.

Dailymotion attack: One of the world’s most popular video sharing sites suffered a data breach that involved the loss of tens of millions of users’ email addresses and associated passwords on 6th December 2016.

Ways to Prevent Data Breaches

Preparedness and Proactivity are the keys to stopping this growing menace. More energy and efforts are put into cleaning up the mess after a breach has occurred than into planning for the breach and having a quick response system in advance. Everyone should have an incident response plan to control the situation during a breach. It helps control actions and communication and ultimately lessens the impact of a breach.

A vast majority of the data breach incidents can be stopped by resorting to an approach of a layered defense. This approach to network security ensures that if an attacker penetrates one layer of defense, he is immediately stopped by a subsequent layer. How is this done? By reducing the Attack Surface.

Attack Surface

The term denotes the total sum of the vulnerabilities in each computing device or network access to a hacker. Anyone attempting to break into a system begins mainly by scanning the target’s attack surface for possible attack vectors (whether for an active attack or passive attack). The first step in strengthening the defense is to close unnecessary open ports and limit the resources available to untrusted users through MAC address filtering.

Reducing Vulnerability to Phishing Attacks

Phishing is one of the most widely used methods of identity theft. One can stay safe and avoid falling prey to it by keeping a check on simple things like staying alerted of emails that come from unrecognized senders, emails that aren’t personalized, and emails that ask you to confirm personal or financial information over the Internet and make urgent requests for this information.

In addition to these, several industry guidelines and government compliance regulations require strict governance of sensitive or personal data to prevent data breaches. Countries where such a framework is absent or weak should adopt robust laws to protect consumers.

What are the types of data breaches?

Physical data breaches, electronic data breaches, and skimmed data breaches are all different types of breaches. Risk and consequences are similar across all of them, but the execution differs.

How is an internal data breach identified?

An internal data breach discovery plan can be set up in two easy steps. An overview of the process looks like this: Identify data of value – finding the data sets that relate to business processes is the easy part. The most challenging part is determining if any copies of the data exist elsewhere.

AnandK@TWC

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP (2006-16) & a Windows Insider MVP (2016-2022). Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.