It's pretty common nowadays to hear about a new data breach.
There are plenty of different forms a data breach can take, though.
There are even breaches that don't result in data breaches at all.
The core of a data breach is that some data intended to remain private is made public.
How Does a Data Breach Happen?
There are plenty of different ways that data breaches can happen.
The standard assumption is that an attacker somehow gained access to a private system and downloaded the data.
Entry would typically be acquired by the hacker exploiting some vulnerability.
Tip: A zero-day is an exploit actively used in the wild that had previously been unknown.
In some cases, for example, mitigation may be available to deactivate the vulnerable component.
Still, it may be necessary to weigh up taking servers offline vs. being unable to defend against a known attack.
Because the vulnerability is not known before it's actively exploited, zero-days are hard to defend against.
Defense in depth is typically the best plan.
Phishing is another common cause of data breaches.
Insider Threats and Incompetence
Insider threats are an underappreciated risk point.
A disgruntled employee can use their legitimate access to cause great damage.
Incompetence can also be a cause of data breaches.
There are several examples of data breaches resulting from a company making a backup database public without realizing it.
It's worth noting that legally, gaining unauthorized access to a computer system is a crime.
This can even count if the data was made public accidentally by allowing open access to a system.
You likely couldn't be convicted for simply accessing a public site.
You probably would be sentenced if you tried downloading and selling that data on a dark-web forum.
What Type of Data Gets Breached?
It also depends on your definition of what is breached.
Some hackers are after data that they can sell.
This sort of attack typically has the most significant impact on people as their data and privacy are impacted.
Some hackers have a cause and often target data that details misdeeds, perceived or otherwise.
Others are aimed at stealing proprietary or secret data.
This tends to be the realm of nation-states and corporate espionage.
Other breaches may never result in actual data breaches at all.
Technically there was a security breach, but no data was lost or exfiltrated.
Things like accessing a computer without permission are technically a crime.
This means that any breach involves some criminal activity.
Even in cases where the breach is considered in the public interest, the leaker can face criminal liability.
In some cases, this complicates whistle-blower cases.
But in some cases, gathering the evidence necessitates accessing things without permission.
It also involves sharing data without permission.
This can lead to whistle-blowers trying to remain anonymous or requesting amnesty to reveal their identity.
Additionally, determining what is in the public interest is notoriously fraught.
Many hacktivists would deem their actions in the public interest.
Most individuals whose data is released as part of that action would disagree.
Data targeted often has value to the hackers.
Data breaches typically gain access to as much data as possible, assuming that all data has some value.