Data Breach Definition & Examples

This information is presented for general informational purposes only and is NOT legal advice.

This article provides a brief definition and examples of notable data breaches and how data breaches can be effectuated. These examples underscore the diverse nature of data breaches and the importance of robust cybersecurity practices to protect sensitive information from unauthorized access.

Data Breach Definition:

A "data breach" refers to a security incident in which information is accessed without authorization. This can involve confidential, sensitive, or protected information being copied, transmitted, viewed, stolen, or used by an individual or other entity that is not authorized to do so. Data breaches can hurt businesses and consumers in a variety of ways, not only by causing financial loss but also by damaging reputation and trust.

Notable Data Breaches:

Equifax (2017): One of the largest data breaches in history, this incident exposed the sensitive personal information of approximately 147 million people. Information leaked included Social Security numbers, birth dates, addresses, and in some cases, driver's license numbers. The breach was attributed to a vulnerability in a software component that the company failed to patch in time.

Yahoo (2013 and 2014): Yahoo experienced two massive data breaches, which came to light in 2016. The first, in 2013, affected all 3 billion accounts on its service, making it one of the largest breaches in history. The second, a year later, involved about 500 million accounts. Compromised information included names, email addresses, telephone numbers, dates of birth, hashed passwords, and in some cases, security questions and answers.

Marriott International (2018): This breach affected approximately 500 million customers of its Starwood hotel properties. Information compromised included names, phone numbers, email addresses, passport numbers, and travel information. The breach began in 2014 but was not discovered until 2018, highlighting the challenges of detecting and preventing sophisticated cyber attacks.

Target Corporation (2013): Around 110 million customers were affected by this breach, where attackers accessed Target's network using credentials stolen from a third-party vendor. Information compromised included customer names, phone numbers, email and mailing addresses, credit card numbers, and credit card verification codes.

Office of Personnel Management (OPM) (2015): The U.S. government's OPM announced a data breach that affected approximately 21.5 million current and former federal employees. The breach exposed sensitive information, including Social Security numbers, job assignments, performance ratings, and in some cases, fingerprints. This incident was significant due to the sensitivity of the compromised information, which could have implications for national security.

Examples of How Data Breaches Occur:

Phishing Attacks: Cybercriminals send fraudulent emails or messages that appear to come from a trusted source, tricking individuals into providing sensitive information such as passwords, credit card numbers, or Social Security numbers.

Malware Attacks: Malicious software is used to infiltrate and damage or disable computers, systems, or networks, allowing attackers to steal or encrypt data. Ransomware, a type of malware, encrypts the victim's files, demanding payment for their release.

Exploitation of Software Vulnerabilities: Attackers exploit known or unknown flaws in software or operating systems to gain unauthorized access to systems or networks. These vulnerabilities can be the result of outdated software, unpatched systems, or inherent flaws in the software design.

Insider Threats: Employees or contractors with access to sensitive information might misuse their privileges to steal data, either for personal gain or as an act of sabotage. This can also include accidental breaches where employees inadvertently expose data through negligence or lack of awareness.

Physical Theft or Loss: Devices containing sensitive information, such as laptops, external hard drives, or smartphones, can be lost or stolen, leading to a data breach if the data is not properly encrypted and protected.

SQL Injection: This is a code injection technique that exploits an application's failure to keep user-supplied input separate from the text of its SQL queries, causing the database to execute attacker-supplied SQL commands. These commands can be used to access, modify, or delete data in the database without authorization.
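As an added illustration (not code from the original article), the following Python snippet shows the same user lookup written two ways: once by splicing input into the query text, which is the defect SQL injection exploits, and once with a parameterized query, which is the standard fix. The in-memory database, its rows, and the inputs are constructed for this example.

```python
"""Added example: a lookup vulnerable to SQL injection beside its hardened,
parameterized form. The schema, rows and inputs are constructed for the
demonstration and are not taken from the article or any real system."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a small in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [
            ("alice", "alice@example.com", "admin"),
            ("bob", "bob@example.com", "user"),
            ("carol", "carol@example.com", "user"),
        ],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Unsafe: the input is pasted into the SQL text, so a quote character in
    the input changes the structure of the query rather than just its value."""
    query = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str) -> list:
    """Hardened: the input is bound as a query parameter, so the database
    engine treats it purely as data, whatever characters it contains."""
    query = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    benign = "bob"
    # Constructed input: the quote closes the string literal and the rest
    # appends a condition that is always true, so every row matches.
    hostile = "x' OR '1'='1"
    print("vulnerable, benign input: ", lookup_vulnerable(conn, benign))
    print("vulnerable, hostile input:", lookup_vulnerable(conn, hostile))
    print("safe, hostile input:      ", lookup_safe(conn, hostile))
```

With the hostile input the vulnerable function returns every row in the table, while the parameterized version returns nothing because no user is literally named `x' OR '1'='1`. Parameter binding addresses the root cause; running the application's database account with the least privilege it needs limits what a remaining injection flaw can read or change.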

Credential Stuffing: This involves using stolen account credentials (usernames and passwords) from one breach to gain unauthorized access to accounts on other platforms, exploiting the common practice of reusing passwords across multiple services.

Man-in-the-Middle (MitM) Attacks: Attackers intercept and possibly alter the communication between two parties (e.g., between a user and a web service) without their knowledge, potentially capturing sensitive information transmitted during the session.