What is a data breach?
The Malwarebytes Labs blog called 2018 the year of the data breach. What a year it was. The list of companies that were hacked by cybercriminals reads like a who’s who list of the world’s biggest tech companies, retailers, and hospitality providers—and that’s only the data breaches that we know about. In many instances, an organization or company won’t even know they’ve been breached until years later. According to the Ponemon Institute’s 2018 Cost of a Data Breach study, a data breach goes undiscovered for an average of 197 days. It takes another 69 days to remediate the data breach. By the time the security failure is discovered and fixed, the damage is already done. The criminals responsible will have enjoyed unfettered access to databases full of valuable data—your valuable data. Not to mention the data of hundreds of millions of people like you who had the bad luck of doing business with a company that got hacked.
Unlike most of the other topics we’ve covered under Cybersecurity Basics, a data breach isn’t a threat or attack in its own right. Rather, a data breach comes as a result of a cyberattack that allows cybercriminals to gain unauthorized access to a computer system or network and steal the private, sensitive, or confidential personal and financial data of the customers or users contained within. Common cyberattacks used in data breaches include the following:
- Broken or misconfigured access controls
With most data breaches, cybercriminals want to steal names, email addresses, usernames, passwords, and credit card numbers. That said, cybercriminals will steal any data that can be sold, used to breach other accounts, used to steal your identity, or used to make fraudulent purchases.
What should I do when my data is stolen?
Even if you’ve never used any of the sites and services listed on our list of biggest data breaches, there are hundreds of smaller data breaches that we didn’t mention. Before we get into our steps for responding to a data breach, you may want to visit Have I Been Pwned and see for yourself. All you have to do is enter your email address in the “pwned?” search box and watch in horror as the site tells you all the data breaches you’ve been pwned in.
It’s also worth noting that your data may be part of a breach that the public at large doesn’t know about yet. Oftentimes a data breach won’t be discovered until years later.
One way or another, there’s a good chance your data was compromised and there’s a very good chance your data will be compromised again.
Now that you know your data is floating around somewhere on the Dark Web, we’ve created this step-by-step list of what to do when your data is stolen.
- Reset your password for the compromised account and any other accounts sharing the same password. Really though, you shouldn’t reuse passwords across sites. Granted, remembering a unique alphanumeric password for all of your online accounts and services is impossible—unless you’re good with mnemonics or, better yet, you have a hard drive implanted in your head like Johnny Mnemonic. For everyone else, consider using a password manager like 1Password. Password managers have the added benefit of alerting you when you land on a spoofed website. While that login page for Google or Facebook might look real, your password manager won’t recognize the URL and won’t fill in your username and password for you.
- Monitor your credit accounts. Look for any suspicious activity. Remember you get a free credit report, one from each of the three major credit bureaus, every year at annualcreditreport.com. This is the only US Federal Trade Commission authorized site for obtaining free credit reports.
- Consider a credit freeze. A credit freeze makes it harder to open up a line of credit under your name by restricting access to your credit report. You can lift or stop the freeze at any time. The only hassle is that you must contact each credit bureau individually to enact or remove a freeze.
- Watch your inbox carefully. Opportunistic cybercriminals know that millions of victims of any given data breach are expecting some kind of communication regarding hacked accounts. These scammers will take the opportunity to send out phishing emails spoofed to look like they’re coming from those hacked accounts in an attempt to get you to give up personal information. Read our tips on how to spot a phishing email.
- Consider credit monitoring services. Should you sign up? Oftentimes, after a data breach, affected companies and organizations will offer victims free identity theft monitoring services. It’s worth noting that services like LifeLock et al. will notify you if someone opens up a line of credit in your name, but they can’t protect your data from being stolen in the first place. Bottom line—if the service is free, go ahead and sign up. Otherwise, think twice.
- Use multi-factor authentication (MFA). Two-factor authentication is the simplest form of MFA, meaning you need your password and one other form of authentication to prove that you are who you say you are and not a cybercriminal attempting to hack your account. For example, a website might ask you to enter your login credentials and enter a separate authentication code sent via text to your phone.
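The password-manager behaviour mentioned in the first step above (refusing to fill a login form on a spoofed site) comes down to matching the page’s exact origin against the origin the credential was saved on. This is an added illustration, not Malwarebytes’ or any password manager’s code; the vault contents and the probe URLs are constructed for the example.

```javascript
// Constructed vault: origin -> saved account. A real manager keeps this encrypted.
const vault = {
  "https://accounts.google.com": { username: "alice@example.com", password: "s3cret-one" },
  "https://www.facebook.com":    { username: "alice@example.com", password: "s3cret-two" },
};

// Reduce a page URL to its origin (scheme + host + port), the unit that is
// matched on. Unparseable URLs and anything that is not https are refused,
// so a downgraded http copy of a real login page gets no credentials either.
function pageOrigin(pageUrl) {
  let u;
  try {
    u = new URL(pageUrl);
  } catch (e) {
    return null;
  }
  if (u.protocol !== "https:") return null;
  return u.origin;
}

// Return the credential saved for this page, or null when no origin matches.
// The match is exact: there is deliberately no substring or "looks similar"
// comparison, which is why a lookalike domain never triggers autofill.
function credentialFor(pageUrl) {
  const origin = pageOrigin(pageUrl);
  if (origin === null) return null;
  return Object.prototype.hasOwnProperty.call(vault, origin) ? vault[origin] : null;
}

// Constructed probe URLs: one genuine page and three spoofs of the kind
// a phishing email might link to.
const probes = [
  "https://accounts.google.com/signin",               // genuine: autofill
  "https://accounts.google.com.login-check.example/", // real host is only a prefix of the spoof
  "https://www.faceb00k.com/login",                   // digit-for-letter lookalike
  "http://www.facebook.com/login",                    // right host, but plain http
];

for (const p of probes) {
  const c = credentialFor(p);
  console.log(p, "->", c ? `fill ${c.username}` : "no match");
}
```

Some managers match on the registrable domain (so a sibling subdomain also qualifies) rather than the full origin; either way the comparison is against the parsed host, never against how the page looks.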
How do I prevent data breaches?
The fines, clean-up costs, legal fees, lawsuits, and even ransomware payouts associated with a data breach add up to a lot of money. The 2018 Ponemon Cost of Data Breach study found the average cost of a data breach to be right around $3.9 million, an increase of 6.4 percent over the previous year, while the cost for each stolen record came in at $148, an increase of 4.8 percent over the previous year. According to the same study, your chances of experiencing a data breach are as high as one in four.
Doesn’t it make sense to be proactive about data security and avoid a breach in the first place? If you answered yes, and we hope you did, here are some best practices to help keep your business and your data secure.
Practice data segmentation. On a flat data network, cybercriminals are free to move around your network and steal every byte of valuable data. By putting data segmentation into place, you slow criminals down, buying extra time during an attack and limiting how much data they can reach. Data segmentation also helps with our next tip.
Enforce the principle of least privilege (PolP). PolP means each user account only has enough access to do its job and nothing more. If one user account is compromised, cybercriminals won’t have access to your entire network.
Invest in a good cybersecurity program. If you have the misfortune of clicking a malicious link or opening a bad attachment, a good cybersecurity program will be able to detect the threat, stop the download, and prevent malware from getting onto your network. Malwarebytes, for example, has protection products for business users just like you.