What is a data breach?

(Image credit: Shutterstock / binarydesign)

The year 2020 has, quite possibly, been one of the craziest and most terrifying to date. We started with the devastating Australian bushfires, then moved onto murder wasps, COVID-19, a plague of locusts…the list goes on! What more could this year possibly throw at us?

The answer? A data breach.

With Covid-19 still gripping the world, another villain to add to our list of 2020 woes is the very real prospect of having sensitive data stolen. But, although we know this is happening all around us, what exactly is a data breach? We’re sure you have many more questions where that came from so, if you want to get informed, stick around...

About the author

Christine Sabino is a Senior Associate at Hayes Connor

Data breach

A data breach occurs when sensitive data is stolen or leaked either by an individual, organisation, or hackers who’ve gone looking for it. Any type of data may be leaked in this way, either accidentally or maliciously. This could include:

  • Credit card details
  • Social Security or National Insurance numbers
  • Information about a person's healthcare history
  • Customer lists
  • Trade secrets

A data breach, be it personal or official company information, can be truly devastating. For companies, it may not only lead to expensive lawsuits, it can completely obliterate customer loyalty and trust. On the other hand, for victims of more personal data breaches, this can be extremely emotional, and can even cause people to lose jobs, relationships, and more.

Either way, neither one is more serious than the other. Both types can have a huge effect on the welfare and lives of those affected. It’s a really serious matter that more people need to be aware of.

What causes a data breach?

When you hear the words “data breach”, your first thought will likely be of a dark room somewhere unknown, with a masked man behind a computer screen hacking into your system.

That said, a breach of data can occur for a number of reasons; some malicious, and others accidental. Starting with the accidental reasons, and then letting you in on the more malicious reasons, these include:

Accidental data breach causes

  • Lack of training in the workplace, which leads to people handling data in the wrong way
  • An employee accidentally accessing sensitive company information through a colleague's laptop, for example
  • Losing a device containing sensitive information

Malicious data breach causes

  • Weak passwords
  • Out of date security systems
  • Malware installed on the device
  • Using an insecure network
  • A malicious insider purposely accessing or sharing sensitive information
  • Smart home devices
  • Technology moving faster than data protection can
  • Stolen devices
  • Unsafe links in phishing emails and text messages

Why is Covid-19 causing a spike in data breaches?

With so many people still working from home, this has led to some worrying statistics in cyber security threats. This is due to a number of reasons, but mainly the speedy transition of employees moving from the office to their home. This meant that businesses were often unable to provide the correct tools, systems, and infrastructure to protect sensitive data.

For example, this transition meant that many employees were, and still are, using personal laptops for company work. This poses a problem, as most are running on outdated software, and without malware protection systems. They may also have been working without a VPN, and instead using an unsecure network, leaving sensitive data open for anyone to use.

With so many people still working from home, company data may continue to be at risk if the proper precautions aren’t taken. But what damage can a data breach really do?

What damage can a data breach do?

Data breaches can cause serious damage to those affected. As we’ve seen, a breach of this kind can affect either a company or an individual in many different ways. The potential fallout of each of these cases may include:

Personal data breaches

Starting with the often forgotten individuals who may be affected by a data breach, it really could be ruinous. For starters, having personal information stolen may lead to identity theft, which could lead to a lowered credit score, and money being stolen from bank accounts. For some, this can cause complete financial ruin.

On a more emotional note, if personal information or photographs are leaked, this can be very embarrassing for some. This could cause the break up of relationships, and it may even lead to the loss of a job along the way. This can then lead to the individual, understandably, experiencing a number of mental health issues.

Company data breaches

On the other hand, if a company falls foul to a data breach, be it through malicious malware or through human error, the consequences can be very serious. The most obvious consequence is the potential to be hit by major lawsuits, which may lead to crippling company debt.

That’s not all, though, as a company who experiences a breach of sensitive information and chooses to do nothing about it may seriously affect their customer loyalty. This can have further knock-on effects on sales, leading to more financial trouble along the way.

How can I prevent a data breach?

These effects are pretty scary, so I’m sure you’re wondering exactly how you can avoid becoming victim to this devastating fate. There are a number of ways you can protect yourself and your business from a cyber threat, including:

  • Maintaining secure passwords
  • Ensuring all logins have MFA enabled
  • Learning how to identify malicious emails
  • Training employees on how to handle sensitive information
  • Monitoring your accounts regularly for suspicious activity
  • If you notice suspicious activity, contacting the correct organization
  • Using PayPal when dealing with invoices from unknown entities
  • Being sure to keep oversharing online to a minimum
  • Updating devices regularly
  • Installing antivirus software
  • Using secure URLs when browsing online (https, not http)
  • Installing a VPN and making sure all staff are connected
  • Shredding sensitive office documents
  • Providing company laptops

What should I do if a data breach occurs?

As an individual and customer, you put trust in the institutions and businesses you put money into. Be it the healthcare system, the government, or just your average retail store, you want to be sure your personal details are safe. But, what happens when they’re not?

If your personal or company details become exposed to anyone that shouldn’t have access to this data, you’re entitled to claim for compensation. Not only will this compensation include monetary compensation, it may also involve an apology from the respective parties.

Finding a solicitor that handles data breaches, specifically those with a more personal agenda, is really important. After all, although company data breaches may be very serious, personal data breaches can often be very emotionally charged.

Although claiming for a data breach won’t necessarily get you the apology you may need, it should help you to gain some financial aid to deal with the fallout of this issue. Whether it be compensating for a job lost, friends lost, or relationships lost, this should go some way to helping you pick up the pieces.

So, if you think you’ve been a victim of a data breach, don’t hesitate to get in contact with a lawyer dedicated to helping you achieve this.

Don't get left behind

At the end of the day, data breaches are avoidable to a large extent. It’s all about keeping up-to-date with the latest scams, software, and training, so you can ensure you and your employees know the preventative measures to put in place.

With technology constantly updating all the time, we can’t always know everything. That said, by reading the latest news on the matter, and ensuring to implement some of the tips above, you’ll be well on your way to protect yourself.

Don’t fall behind, and you’ll most likely get ahead of any malicious activity.

Christine Sabino is a Senior Associate at data breach claim solicitors Hayes Connor. she is a great leader and is passionate about technology.