What is a security breach?


A security breach is any incident that results in unauthorized access to computer data, applications, networks or devices. It results in information being accessed without authorization. Typically, it occurs when an intruder is able to bypass security mechanisms.

Technically, there's a distinction between a security breach and a data breach. A security breach is effectively a break-in, whereas a data breach is defined as the cybercriminal getting away with information. Imagine a burglar; the security breach is when he climbs through the window, and the data breach is when he grabs your pocketbook or laptop and takes it away.

Confidential information has immense value. It's often sold on the dark web; for example, names and credit card numbers can be bought, and then used for the purposes of identity theft or fraud. It's not surprising that security breaches can cost companies huge amounts of money. On average, the bill is nearly $4m for major corporations.

It's also important to distinguish the security breach definition from the definition of a security incident. An incident might involve a malware infection, DDoS attack or an employee leaving a laptop in a taxi, but if it doesn't result in access to the network or loss of data, it would not count as a security breach.

Examples of a security breach

When a major organization has a security breach, it always hits the headlines. Security breach examples include the following:

Equifax: in 2017, a website application vulnerability caused the company to lose the personal details of 145 million Americans. This included their names, SSNs, and drivers' license numbers. The attacks were made over a three-month period from May to July, but the security breach wasn't announced until September.

Yahoo: 3 billion user accounts were compromised in 2013 after a phishing attempt gave hackers access to the network.

eBay saw a major breach in 2014. Though PayPal users' credit card information was not at risk, many customers' passwords were compromised. The company acted quickly to email its users and ask them to change their passwords in order to remain secure.

Dating site Ashley Madison, which marketed itself to married people wishing to have affairs, was hacked in 2015. The hackers went on to leak a huge number of customer details via the internet. Extortionists began to target customers whose names were leaked; unconfirmed reports have linked a number of suicides to exposure by the data breach.

Facebook saw internal software flaws lead to the loss of 29 million users' personal data in 2018. This was a particularly embarrassing security breach since the compromised accounts included that of company CEO Mark Zuckerberg.

Marriott Hotels announced a security and data breach affecting up to 500 million customers' records in 2018. However, its guest reservations system had been hacked in 2016 - the breach wasn't discovered until two years later.

Perhaps most embarrassing of all, being a cybersecurity firm doesn't make you immune - Czech company Avast disclosed a security breach in 2019 when a hacker managed to compromise an employee's VPN credentials. This breach didn't threaten customer details but was instead aimed at inserting malware into Avast's products.

Types of security breaches

There are a number of types of security breaches depending on how access has been gained to the system:

An exploit attacks a system vulnerability, such as an out-of-date operating system. Legacy systems that haven't been updated, for instance in businesses still using outdated versions of Microsoft Windows that are no longer supported, are particularly vulnerable to exploits.

Weak passwords can be cracked or guessed. Even now, some people are still using the password 'password', and 'pa$$word' is not much more secure.

Malware attacks, such as phishing emails, can be used to gain entry. It only takes one employee to click on a link in a phishing email to allow malicious software to start spreading throughout the network.

Drive-by downloads use viruses or malware delivered through a compromised or spoofed website.

Social engineering can also be used to gain access. For instance, an intruder phones an employee claiming to be from the company's IT helpdesk and asks for the password in order to 'fix' the computer.

In the security breach examples we mentioned above, a number of different techniques were used to gain access to networks — Yahoo suffered a phishing attack, while Facebook was hacked by an exploit.

How to protect yourself against a security breach

Although no one is immune to a data breach, good computer security habits can make you less vulnerable and can help you survive a breach with less disruption. These tips should help you prevent hackers breaching your personal security on your computers and other devices.

Use strong passwords, which combine random strings of upper and lower-case letters, numbers, and symbols. They are much more difficult to crack than simpler passwords. Don't use passwords that are easy to guess, like family names or birthdays. Use a Password Manager to keep your passwords secure.

Use different passwords on different accounts

If you use the same password, a hacker who gains access to one account will be able to get into all your other accounts. If they have different passwords, only that one account will be at risk.

Close accounts you don't use rather than leaving them dormant

That reduces your vulnerability to a security breach. If you don't use an account, you might never realize that it has been compromised, and it could act as a back door to your other accounts.

Change your passwords regularly

One feature of many publicly reported security breaches is that they occurred over a long period, and some were not reported until years after the breach. Regular password changes reduce the risk you run from unannounced data breaches.

If you throw out a computer, wipe the old hard drive properly

Don't just delete files; use a data destruction program to wipe the drive completely, overwriting all the data on the disk. Creating a fresh installation of the operating system will also wipe the drive successfully.

Back up your files

Some data breaches lead to the encryption of files and a ransomware demand to make them available again to the user. If you have a separate backup on a removable drive, your data is safe in the event of a breach.

Secure your phone

Use a screen lock and update your phone's software regularly. Don’t root or jailbreak your phone. Rooting a device gives hackers the opportunity to install their own software and to change the settings on your phone.

Secure your computer and other devices by using anti-virus and anti-malware software

Kaspersky Antivirus is a good choice to keep your computer free from infection and ensure that hackers can't get a foothold in your system.

Be careful where you click

Unsolicited emails which include links to websites may be phishing attempts. Some may purport to be from your contacts. If they include attachments or links, ensure they're genuine before you open them and use an anti-virus program on attachments.

When you're accessing your accounts, make sure you're using the secure HTTPS protocol and not just HTTP.

Monitoring your bank statements and credit reports helps keep you safe

Stolen data can turn up on the dark web years after the original data breach. This could mean an identity theft attempt occurs long after you've forgotten the data breach that compromised that account.

Know the value of your personal information

Don't give it out unless necessary. Too many websites want to know too much about you; why does a business journal need your exact date of birth, for instance? Or an auction site your SSN?
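
The password advice above (why 'pa$$word' is barely better than 'password', and why random strings of upper and lower-case letters, numbers and symbols are stronger), shown as an added Python example that is not part of the original article. The denylist and substitution table are small constructed samples, and the function names are hypothetical.

```python
import secrets
import string

# Constructed sample denylist; a real check would use a large list of
# passwords seen in past breaches.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome", "iloveyou"}

# Character swaps that guessing tools undo automatically (constructed sample).
SUBSTITUTIONS = str.maketrans({
    "$": "s", "5": "s", "@": "a", "4": "a", "0": "o",
    "1": "l", "3": "e", "!": "i", "7": "t",
})

CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]
ALPHABET = "".join(CLASSES)


def normalize(password: str) -> str:
    """Lower-case the password and undo common character substitutions."""
    return password.lower().translate(SUBSTITUTIONS)


def is_guessable(password: str) -> bool:
    """True if the password is a denylisted word in light disguise."""
    # Also try it with a trailing run of digits/symbols removed ("...2024!").
    trimmed = password.rstrip(string.digits + string.punctuation)
    candidates = {password.lower(), normalize(password), normalize(trimmed)}
    return not candidates.isdisjoint(COMMON_PASSWORDS)


def generate_password(length: int = 16) -> str:
    """Random password containing upper, lower, digit and symbol characters."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        # secrets uses the operating system's cryptographic random source.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Retry until every class is present, so no position is predictable.
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


if __name__ == "__main__":
    for sample in ["password", "pa$$word", "P@ssw0rd2024!", generate_password()]:
        print(f"{sample!r}: guessable={is_guessable(sample)}")
```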