Data Breach

A data breach involves the unauthorized access of confidential, protected, or sensitive data. Data breaches may target personal health information (PHI), personally identifiable information (PII), payment cardholder data, trade secrets, intellectual property, or similar data. An attacker will often exfiltrate this data and hold it for ransom or attempt to sell it on the dark web.

A breach can happen through various tactics, techniques, and procedures (TTPs), including social engineering, spear-phishing, SQL injections, DDoS attacks, exploiting zero-day vulnerabilities (vulnerabilities that have been disclosed but not yet patched), malware attacks, malicious insiders, or simple human error. 

The costs of data breaches can be severe, with IBM reporting the global average cost clocking in at $4.45 million USD. “Cost” can also include significant reputational damage that can lead to organizations losing customers and even shuttering their business.

Due to the frequency and high cost of data breaches, many organizations are investing in preventive measures such as encryption, multi-factor authentication (MFA), and cybersecurity training for employees to mitigate the risks of data breaches. Threat detection paired with a robust incident response plan is key to managing and mitigating breach damage.