"Data breach" is a broad term referring to any leak of secure information that was intended to remain private, but applies especially to situations in which secure information falls into the hands of someone who isn't authorized to have it.
Data breaches are sometimes accidental, but many are intentional. They may be perpetrated by a government, by disgruntled employees (current or former),by criminals or malicious hackers, or indeed by anyone who has an interest in broadcasting secret information beyond its intended recipients.
- How to protect yourself from data breaches
- The best identity-theft protection services to keep your personal data safe
- Best password managers to keep your accounts secure
Accidental and intentional data breaches
Accidental data breaches are often caused by improperly handled computer and data-storage equipment. Stolen laptops, cell phones, digital music players and other portable electronic devices also may contribute to the problem.
In recent years, the wide availability of inexpensive online storage servers, such as those managed by Amazon Web Services (AWS), has led to dozens of incidents of sensitive data being accidentally exposed or left unsecured due to improperly configured servers.
We generally call such incidents "data leaks" if it's not clear whether anyone maliciously took the information, but it's rarely possible to prove that the exposed data was never noticed.
To use a physical-world analogy, if you come home to find your doors unlocked, but nothing missing, you can't be sure an actual crime was committed.
Intentional data breaches take many forms. They may be the work of someone breaking into a secure database, obtaining sensitive information with a keystroke logger, smuggling small media-storage devices out of a secure area, photocopying confidential information or using many other methods.
Data breaches have potentially serious consequences. Social Security numbers, bank-account information or credit-card numbers that fall into the wrong hands can all be used for identity theft.
Military or government data leaks may jeopardize national security and place specific people or organizations in danger. They could reveal the identity of covert intelligence agents or compromise individuals placed in a witness-protection program.
The large number of data breaches since 2010, and the resulting availability of billions of compromised account credentials (usernames and passwords) has led to an epidemic of "credential stuffing," in which hackers bombard websites with known credentials to see if they can log in.
To avoid this, check your existing passwords on the free HaveIBeenPwned (opens in new tab) website to see if they have been compromised in data breaches. If any have, then change each one to a long, strong and unique password, preferably one generated and handled by one of the best password managers.
Data breaches have also soured political campaigns, ruined careers and incited riots. The Tunisian uprising that inaugurated the "Arab Spring" popular rebellions across the Middle East in 2011 was fueled in part by Wikileaks' publication of secret U.S. diplomatic cables that detailed the corrupt, lavish lifestyles of the Tunisian dictator's family and associates.
Not all breaches are illegal. Military data breaches, however, certainly are.
Leaking classified information by military personnel is usually considered treason and can result in a court-martial, as was the case of Army Pfc. Bradley (later Chelsea) Manning, convicted of providing diplomatic cables to Wikileaks.
Members of the military found guilty of disseminating classified information may even face the death penalty. (Edward Snowden, who gave media outlets copies of more than a million pages of National Security Agency documents, was not an active member of the military when he did so.)
There are many ways to decrease the likelihood of a data breach, or lessen the negative impact if one does occur.
An increasingly popular option for companies and other organizations is data-breach insurance, which pays for legal proceedings, technical investigations, forensic audits, communications with possibly affected persons and crisis management. This insurance doesn't actually stop information leaks, but reduces the hassle of dealing with the aftermath.
Active security measures
Corporations can lower the risk of a data breach by encrypting sensitive data, restricting the flow of confidential information and using multiple security and authorization procedures.
For example, a database might be protected with an alphanumeric password that changes every week, plus a fingerprint or retina scanner for a second form of authentication.
It's prudent to change all passwords several times each year and use unique authorization codes for each database. This means that even if one password were leaked, the other databases wouldn't automatically be compromised.
Data-protection measures make it more difficult for unauthorized persons to access secure information, and the most effective security protocols also limit data exfiltration.
Such protocols place strict limits on the type of information that can be transferred out of a database (and emailed or copied onto a memory stick), on the speed of such transfers and on the amount of data that can be transferred in one day.
For example, Manning allegedly copied hundreds of thousands of documents from a secure database in a short time, an action that might have been prevented by data-exfiltration limits.
With stringent limits in place, a hacker will have to access the secure information over a period of several days or weeks, making him or her much more likely to be caught in the act.
Above all, organizations must keep their proverbial eyes open for any signs of suspicious activity. Furthermore, they must stay abreast of the latest security advances and the methods that unscrupulous individuals are using to foil them.
There is no total guarantee against data breach, but staying aware of security methods and constantly monitoring sensitive information will minimize breaches and the damage they cause.