{"componentChunkName":"component---src-templates-dictionary-term-tsx","path":"/dictionary/data-breach","result":{"data":{"contentfulDictionaryTerm":{"title":"Data Breach","slug":"data-breach","descriptionMeta":{"childMarkdownRemark":{"rawMarkdownBody":"Learn about data breaches, data leakages, and data loss. Discover how cybercriminals steal sensitive information and the steps you can take to protect your data from unauthorized access."}},"body":{"body":"# Data breaches, data leakages, and data loss: understanding cyber threats\n\nThere are a number of ways information ends up in the hands of cybercriminals, and understanding the relationship between data breaches and data leakages helps clarify these methods.\n\n__Data leakage__ occurs when sensitive information is accidentally exposed, leading to data theft or loss. A notable example is the case with Facebook in 2019, where a data leak exposed over [540 million records](https://www.npr.org/2021/04/09/986005820/after-data-breach-exposes-530-million-facebook-says-it-will-not-notify-users \"npr - After Data Breach Exposes 530 Million, Facebook Says It Will Not Notify Users\"), including account names and IDs, on a publicly accessible server. This was not due to a hacker but rather an internal misconfiguration that left the data exposed.\n\n__A breach__ happens when hackers deliberately steal private information by attacking a website or app. For example, the [Equifax breach in 2017](https://www.ftc.gov/enforcement/refunds/equifax-data-breach-settlement \"FTC - Equifax Data Breach Settlement\") saw hackers steal the personal data of 147 million people, including social security numbers, birth dates, and addresses. This breach was due to a vulnerability in Equifax’s software, which the hackers exploited.\n\n__Data loss__ refers to the unintended destruction or deletion of information. This can happen due to various reasons, such as system failures, human error, or cyberattacks. For instance, the [2017 Amazon Web Services (AWS) outage](https://www.npr.org/sections/thetwo-way/2017/03/03/518322734/amazon-and-the-150-million-typo \"npr - Amazon And The $150 Million Typo\") led to a huge loss of data for several businesses relying on their cloud services. Unlike data leakage or breaches, data loss may not always involve unauthorized access but still poses severe consequences for organizations, including operational disruptions and financial setbacks.\n\n### The difference\nThe main difference between data leakage and a breach is how they occur. Data leakage typically results from internal mistakes or weak security practices, whereas a breach is the result of external hackers attacking to steal information.\n\n![Data leakage concept](//images.ctfassets.net/18tcvm6gnkis/7JGItbat71kFb3kXxPKE3t/ab07c5fcbc49766526536cc26ec37475/shutterstock_2215613737-min.jpg)\n\n## What's a data breach?\nData breaches occur when hackers gain unauthorized access to sensitive data, often by attacking a website or app. These incidents can arise from cybersecurity mishaps, whether intentional or accidental, that expose personal data and leave individuals vulnerable to harm. Data breaches can be seen as both data leakages and breaches because they can result from internal vulnerabilities, like poor security practices leading to leakage or direct external attacks. Both scenarios can have serious consequences, including [identity theft](https://guard.io/blog/how-to-avoid-identity-theft-online \"Guardio - How To Avoid & Recognize Identity Theft Online\") and financial loss.\n\n### Real-life examples\n__Data leakage:__ In 2018, a data leak at the United States Postal Service (USPS) exposed the data of [60 million users](https://thehackernews.com/2018/11/usps-data-breach.html \"The Hacker News - US Postal Service Left 60 Million Users Data Exposed For Over a Year\"). The leak was due to an authentication weakness in the USPS Informed Delivery service, allowing unauthorized access to user data.\n\n__Breach:__ The Yahoo data breaches of 2013 and 2014 are prime examples of breaches. Hackers stole data from over [3 billion accounts](https://www.reuters.com/article/idUSKCN1C82NV/ \"Reuters - Yahoo says all three billion accounts hacked in 2013 data theft\"), including email addresses, dates of birth, and security questions and answers. These breaches were the result of sophisticated, coordinated attacks by external hackers.\n\n__Data loss:__ The 2017 [Amazon Web Services (AWS) outage](https://www.datacenterknowledge.com/archives/2017/03/02/aws-outage-that-broke-the-internet-caused-by-mistyped-command#close-modal \"Data Center Knowledge - AWS Outage that Broke the Internet Caused by Mistyped Command\") led to significant data loss for several businesses relying on their cloud services. This incident highlights the importance of robust data backup and recovery strategies.\n\nData leakage, breaches, and data loss can be costly, potentially resulting in the loss of careers, reputations, or even life savings for those involved. These attempts aren’t limited to individuals, groups, companies, or even governments. It is a raging problem, and its instances are increasing drastically.\n\nMost data breaches occur due to human error, poor passwords, carelessness, and simple mistakes. Additionally, phishing, malware, and strategic hacking attempts can steal information from businesses and individuals. To combat this, business owners need sustainable response plans, robust security protocols, and detailed information about potential breaches. We also recommend using professional cybersecurity tools like [Guardio](https://guard.io/plans \"Guardio Plans page\") to enhance current security measures. These simple steps will help protect against unauthorized access.","childMarkdownRemark":{"htmlAst":{"type":"root","children":[{"type":"element","tagName":"h1","properties":{"id":"data-breaches-data-leakages-and-data-loss-understanding-cyber-threats","style":"position:relative;"},"children":[{"type":"text","value":"Data breaches, data leakages, and data loss: understanding cyber threats"},{"type":"element","tagName":"a","properties":{"href":"#data-breaches-data-leakages-and-data-loss-understanding-cyber-threats","ariaLabel":"data breaches data leakages and data loss understanding cyber threats permalink","className":["anchor","after"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"There are a number of ways information ends up in the hands of cybercriminals, and understanding the relationship between data breaches and data leakages helps clarify these methods."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"Data leakage"}]},{"type":"text","value":" occurs when sensitive information is accidentally exposed, leading to data theft or loss. A notable example is the case with Facebook in 2019, where a data leak exposed over "},{"type":"element","tagName":"a","properties":{"href":"https://www.npr.org/2021/04/09/986005820/after-data-breach-exposes-530-million-facebook-says-it-will-not-notify-users","title":"npr - After Data Breach Exposes 530 Million, Facebook Says It Will Not Notify Users"},"children":[{"type":"text","value":"540 million records"}]},{"type":"text","value":", including account names and IDs, on a publicly accessible server. This was not due to a hacker but rather an internal misconfiguration that left the data exposed."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"A breach"}]},{"type":"text","value":" happens when hackers deliberately steal private information by attacking a website or app. For example, the "},{"type":"element","tagName":"a","properties":{"href":"https://www.ftc.gov/enforcement/refunds/equifax-data-breach-settlement","title":"FTC - Equifax Data Breach Settlement"},"children":[{"type":"text","value":"Equifax breach in 2017"}]},{"type":"text","value":" saw hackers steal the personal data of 147 million people, including social security numbers, birth dates, and addresses. This breach was due to a vulnerability in Equifax’s software, which the hackers exploited."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"Data loss"}]},{"type":"text","value":" refers to the unintended destruction or deletion of information. This can happen due to various reasons, such as system failures, human error, or cyberattacks. For instance, the "},{"type":"element","tagName":"a","properties":{"href":"https://www.npr.org/sections/thetwo-way/2017/03/03/518322734/amazon-and-the-150-million-typo","title":"npr - Amazon And The $150 Million Typo"},"children":[{"type":"text","value":"2017 Amazon Web Services (AWS) outage"}]},{"type":"text","value":" led to a huge loss of data for several businesses relying on their cloud services. Unlike data leakage or breaches, data loss may not always involve unauthorized access but still poses severe consequences for organizations, including operational disruptions and financial setbacks."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"the-difference","style":"position:relative;"},"children":[{"type":"text","value":"The difference"},{"type":"element","tagName":"a","properties":{"href":"#the-difference","ariaLabel":"the difference permalink","className":["anchor","after"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"The main difference between data leakage and a breach is how they occur. Data leakage typically results from internal mistakes or weak security practices, whereas a breach is the result of external hackers attacking to steal information."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-wrapper"],"style":"position: relative; display: block; ; max-width: 500px; margin-left: auto; margin-right: auto;"},"children":[{"type":"text","value":"\n        "},{"type":"element","tagName":"span","properties":{"className":["gatsby-resp-image-background-image"],"style":"padding-bottom: 66.8%; position: relative; bottom: 0; left: 0; background-image: url('data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAMCAgMCAgMDAwMEAwMEBQgFBQQEBQoHBwYIDAoMDAsKCwsNDhIQDQ4RDgsLEBYQERMUFRUVDA8XGBYUGBIUFRT/2wBDAQMEBAUEBQkFBQkUDQsNFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBT/wAARCAAbACgDAREAAhEBAxEB/8QAGQABAQADAQAAAAAAAAAAAAAABwQDBQYI/8QAKxAAAgEDBAECBgIDAAAAAAAAAQIDBAURAAYSITEHExQiQVFhcYGhMjNC/8QAGQEBAQEBAQEAAAAAAAAAAAAABgUEAgcD/8QAMBEAAQMDAgUBCAEFAAAAAAAAAQIDBAARMRIhBRNBUXEUFSJSYYGRobHBBjKS4fH/2gAMAwEAAhEDEQA/AKritho9tvdGjamiSThGqMcFjk5I/A/WkwioLSniN8Dz/oUWMx0SERknaxUonsNvuT+jVdEo2pt2bq51kESc5o6adDBBkcvb+dvmbvJC+Pv41SdSiI0ESHFHpYYHyo764SJHNjNITc5UDqPS+2B5os35tG709PNDPVqa5mDRxBXVo8gsYMZwSQDhgSDjA86Mo1Pvhhp8ElJIFje4O4zm2O9J2pzKo3qyyQgKCSbi1vixi+x6ih/d/wARctupeW5wPGRR3CCJeIWRQPbmAI65r0fplTq1JTzGUyE7dFeeh+o/NZYiuRJXCUbj+5BPwnKSeuk4+RFD1wpJIkYuE+/EeRgeP32NQCkgb0kCgTtXp257/qW2BYZEczoaypWRSOQ5KqFf6OkL2sQminur9D+KNshHtSQlXwIt4uq/5qTce/7/AGz0zprpUVtwo3oa1GoucYRFiqOeZACO1LdAn+NZ2RyIy5bZ98KH0uLYrGpEV7iPo9IIWlWruSkja/yG9hV9n3hDvG2zCurLpUTUDR1VXdLVTK0SKGCwn5v+y+egvzePtorLdnNTPaaEC4A2/wCde9IIqICYp4aokJJVnxfJ6UeVN6k3TWbgtLERCrtsr44kYmib3F6z0MB+j33jTKO76xDqLW1JJ8Ee8P5qNJaEP08gG+hYF+6Ve6fvsaJ7xcJKhmh4rGwzyKDBY486grUTtSZCAN6UdpVZvG0bpZKN45bkZFr7fAZO5pUUiSJe+i0Y6/K6WQUoksKjX3yPI2I+o/VEeJKMSW1OXsi2hZ7Am6VeEqz8jTZaLXt31A2PRz2YqaGZY6WSGsRqlIEJHuwVMeeWFIypHak/QDBSOtWjByC2FIsbp6+CMm569K8wclPQZjjHElFLwOpCgdIPZSTjGRg+a5ngu1PWTYtkhZIrC8iFqW2xyQpMzS5HL3f9hDohyfxjB0O4mXBob5WhNjZNj187mm8TRJ4fIkh3mOHKiQbWGPd2GxNG0Uk1R6pbgq2WRYqSW5LMJQFaPEU3RA+oOBr48KB5hJwAr8JNW+IWTw5tsZJbt/kmiEyv7K+4wkn9sc5G+vQyP2NQRe2+aYKtqNsXrBDcKm3L8ZSzvBVQuJY5UOGV1BKkH8HW2O4ptQUk2NcqaQ8eU4LpVsQeoOaVfWjclz9P67bG4Nt1stmu14taVNwmpDwWplOMuyf4Z7+2mHF5L0JKH46tKlJBJHU+MV5//TcKPxZuTCnoDjbSyEBW+kdgc2+tbj0d3pet8bnsVzv1e90roqhFSWoVTxHZwBjH9aNzJkiQ1zXVkqAG9U+I8Lh8KjuMQmwhJFyB3/dc3vuuntdzur0srQPVTTJOy+ZA5bnn75+uuHVGOVJaNhj6HNb4TaZDTfNF9NiPkRj7Ube6804LsWJ8/wA+dSASTvSEgAbV/9k='); background-size: cover; display: block;"},"children":[{"type":"text","value":"\n          "},{"type":"element","tagName":"img","properties":{"className":["gatsby-resp-image-image"],"style":"width: 100%; height: 100%; margin: 0; vertical-align: middle; position: absolute; top: 0; left: 0; box-shadow: inset 0px 0px 0px 400px white;","alt":"Data leakage concept","title":"","src":"https://images.ctfassets.net/18tcvm6gnkis/7JGItbat71kFb3kXxPKE3t/ab07c5fcbc49766526536cc26ec37475/shutterstock_2215613737-min.jpg","srcSet":["https://images.ctfassets.net/18tcvm6gnkis/7JGItbat71kFb3kXxPKE3t/ab07c5fcbc49766526536cc26ec37475/shutterstock_2215613737-min.jpg?w=125 125w","https://images.ctfassets.net/18tcvm6gnkis/7JGItbat71kFb3kXxPKE3t/ab07c5fcbc49766526536cc26ec37475/shutterstock_2215613737-min.jpg?w=250 250w","https://images.ctfassets.net/18tcvm6gnkis/7JGItbat71kFb3kXxPKE3t/ab07c5fcbc49766526536cc26ec37475/shutterstock_2215613737-min.jpg?w=500 500w"],"sizes":"(max-width: 500px) 100vw, 500px","loading":"lazy"},"children":[]},{"type":"text","value":"\n        "}]},{"type":"text","value":"\n      "}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h2","properties":{"id":"whats-a-data-breach","style":"position:relative;"},"children":[{"type":"text","value":"What's a data breach?"},{"type":"element","tagName":"a","properties":{"href":"#whats-a-data-breach","ariaLabel":"whats a data breach permalink","className":["anchor","after"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Data breaches occur when hackers gain unauthorized access to sensitive data, often by attacking a website or app. These incidents can arise from cybersecurity mishaps, whether intentional or accidental, that expose personal data and leave individuals vulnerable to harm. Data breaches can be seen as both data leakages and breaches because they can result from internal vulnerabilities, like poor security practices leading to leakage or direct external attacks. Both scenarios can have serious consequences, including "},{"type":"element","tagName":"a","properties":{"href":"https://guard.io/blog/how-to-avoid-identity-theft-online","title":"Guardio - How To Avoid & Recognize Identity Theft Online"},"children":[{"type":"text","value":"identity theft"}]},{"type":"text","value":" and financial loss."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"h3","properties":{"id":"real-life-examples","style":"position:relative;"},"children":[{"type":"text","value":"Real-life examples"},{"type":"element","tagName":"a","properties":{"href":"#real-life-examples","ariaLabel":"real life examples permalink","className":["anchor","after"]},"children":[{"type":"element","tagName":"svg","properties":{"ariaHidden":"true","focusable":"false","height":"16","version":"1.1","viewBox":"0 0 16 16","width":"16"},"children":[{"type":"element","tagName":"path","properties":{"fillRule":"evenodd","d":"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"},"children":[]}]}]}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"Data leakage:"}]},{"type":"text","value":" In 2018, a data leak at the United States Postal Service (USPS) exposed the data of "},{"type":"element","tagName":"a","properties":{"href":"https://thehackernews.com/2018/11/usps-data-breach.html","title":"The Hacker News - US Postal Service Left 60 Million Users Data Exposed For Over a Year"},"children":[{"type":"text","value":"60 million users"}]},{"type":"text","value":". The leak was due to an authentication weakness in the USPS Informed Delivery service, allowing unauthorized access to user data."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"Breach:"}]},{"type":"text","value":" The Yahoo data breaches of 2013 and 2014 are prime examples of breaches. Hackers stole data from over "},{"type":"element","tagName":"a","properties":{"href":"https://www.reuters.com/article/idUSKCN1C82NV/","title":"Reuters - Yahoo says all three billion accounts hacked in 2013 data theft"},"children":[{"type":"text","value":"3 billion accounts"}]},{"type":"text","value":", including email addresses, dates of birth, and security questions and answers. These breaches were the result of sophisticated, coordinated attacks by external hackers."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"element","tagName":"strong","properties":{},"children":[{"type":"text","value":"Data loss:"}]},{"type":"text","value":" The 2017 "},{"type":"element","tagName":"a","properties":{"href":"https://www.datacenterknowledge.com/archives/2017/03/02/aws-outage-that-broke-the-internet-caused-by-mistyped-command#close-modal","title":"Data Center Knowledge - AWS Outage that Broke the Internet Caused by Mistyped Command"},"children":[{"type":"text","value":"Amazon Web Services (AWS) outage"}]},{"type":"text","value":" led to significant data loss for several businesses relying on their cloud services. This incident highlights the importance of robust data backup and recovery strategies."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Data leakage, breaches, and data loss can be costly, potentially resulting in the loss of careers, reputations, or even life savings for those involved. These attempts aren’t limited to individuals, groups, companies, or even governments. It is a raging problem, and its instances are increasing drastically."}]},{"type":"text","value":"\n"},{"type":"element","tagName":"p","properties":{},"children":[{"type":"text","value":"Most data breaches occur due to human error, poor passwords, carelessness, and simple mistakes. Additionally, phishing, malware, and strategic hacking attempts can steal information from businesses and individuals. To combat this, business owners need sustainable response plans, robust security protocols, and detailed information about potential breaches. We also recommend using professional cybersecurity tools like "},{"type":"element","tagName":"a","properties":{"href":"https://guard.io/plans","title":"Guardio Plans page"},"children":[{"type":"text","value":"Guardio"}]},{"type":"text","value":" to enhance current security measures. These simple steps will help protect against unauthorized access."}]}],"data":{"quirksMode":false}}}}}},"pageContext":{"title":"Data Breach","slug":"data-breach","keepLearning":[{"title":"Data Theft","slug":"data-theft"},{"title":"Database","slug":"database"},{"title":"Denial-of-service attack","slug":"denial-of-service-attack"}],"breadcrumb":{"location":"/dictionary/data-breach","crumbs":[{"pathname":"/","crumbLabel":"Homepage"},{"pathname":"/dictionary","crumbLabel":"dictionary"},{"pathname":"/dictionary/data-breach","crumbLabel":"data-breach"}]}}},"staticQueryHashes":["1614255152"]}