A data breach occurs when an unauthorized person views, accesses, or retrieves protected or confidential data belonging to another. Data breaches are also called data leaks or data spills. They can occur either intentionally or unintentionally but the result is the same, the release of confidential information to an untrusted environment.
A common type of data breach is when computer hackers steal information. These are the kinds of incidents you might hear of on the news. Typically, a hacker or group of hackers will target an organization for its access to a person’s personal health information, personal identity information, financial information, trade secrets, or intellectual property. Hackers may also target national agencies to retrieve sensitive national security information.
Less common forms of data breach are unintentional breaches and physical breaches. An unintentional breach occurs when someone has unauthorized access to confidential data, but not the right to access it, and learns or distributes secured information. Physical data breaches occur when someone actually steals tangible confidential material. This can include things like paper documents, computer hard drives, laptops, and recorded media.
The Effects of a Data Breach
According to a report by the Identity Theft Resource Center (ITRC) the number of U.S. data breaches reached a record high in 2014. There were a total of 783 breaches in 2014, an increase of more than 27.5% from 2013. The previous record high was 662 breaches in 2010. The medical and healthcare industry accounts for 42.5% of the breaches identified in 2014 followed by the business sector constituting 33%, government/military constituting 11.7%, the education sector at 7.3%, and the banking/credit/financial sector at 5.5% of total identified breaches. It is important to note that these statistics only account for data breaches that were reported. Many breaches go unreported because organizations would rather not deal with the financial fallout, liability, and loss of consumer goodwill associated with public knowledge of data breaches.
In most cases there is no lasting damage to victims of a data breach. However, the theft itself can subject millions of individuals to the possibility of identity theft or fraudulent credit card purchases. It is not likely that a data thief will use a significant portion of the stolen data, but the potential vulnerability remains. It is that knowledge of vulnerability that leads clients and customers to lose faith in the organization that was targeted by the data breach. Companies will usually try to limit damages to the victims by providing subscriptions to credit reporting agencies or offering to replace affected credit cards. In any case, when people learn that a company has become the target of a data breach, their perspective of the company changes and it can significantly affect the price of the company’s shares on the stock market. For example, in 2013 Target suffered a data breach cost the company an estimated 40% in profit after share prices dropped.
How Does This Affect Me?
Organizations might be targeted by hackers but it is usually the individual’s information they’re after. Hackers are able to steal financial information, make a few credit card purchases before anyone notices, and move on before a bank can freeze the card. A victim’s individual losses might be in hundreds or thousands of dollars, but that is usually corrected by the authorities. The real problem is that your personal information should not be vulnerable to theft because you’ve put your trust in a company. Data breaches represent a lapse in security among the organizations that make a living off your goodwill.
If you have had your personal or financial information stolen because of a data breach, please contact us using the form on this page or call us at 424-245-5505. You may be part of a class action lawsuit.