While they were once a fairly rare occurrence, data breaches have steadily become a near-constant issue for businesses and consumers alike. According to a recent report from Risk Basked Security, there were 3,932 publicly reported data breaches in 2020, compromising over 37 billion records. Additionally, not every data breach is reported publicly, either due a lack of awareness or efforts to keep them under control.
It’s an issue that isn’t going away and has serious repercussions for everyone involved. For businesses, a single data breach can be crippling, with IBM and the Ponemon Institute claiming that the average data breach in the U.S. costs can a company roughly $8.19 million, or $242 per breached record. Meanwhile, can expose the personal data of millions (or billions) of people, potentially opening them up to identity theft and other forms of cybercrime.
So what should you do if your data is exposed?
What is a Data Breach?
The U.S. Department of Justice refers to a breach as “the loss of control, compromise, unauthorized disclosure, unauthorized acquisition, access for an unauthorized purpose, or other unauthorized access, to data, whether physical or electronic.” Put simply though, a data breach is any incident where confidential or sensitive information is access without permission. Though data breaches did occur in the pre-internet days, they have become increasingly common in the past two decades due to widespread adoption of eCommerce and the popularity of social media.
How Do Data Breaches Happen?
There are many different ways that a data breach can occur. Some of the most common causes include:
- Poor Security: Some organizations do not take proper security precautions, using poor passwords and databases lacking proper configuration.
- Hacking: The most common method, where a cybercriminal forces their way into a system, either through coding or stolen credentials.
- Malware: Cybercriminals will often use software like RAM scrapers and keyloggers to steal passwords and other sensitive information.
- Phishing: A strategy where cybercriminals send a seemingly legitimate email that either contains malicious software or asks for private information.
- Social Engineering: Similar to phishing, sometimes crooks will directly contact their targets under false pretenses to ask them for private information.
- Lost/Stolen Media: Most data breaches occur remotely, but some criminals will steal computers, hard drives, and paperwork containing sensitive data instead.
- Accidental Publication: There have been several instances where organizations unintentionally exposed their user’s information to the public.
What To Do If Your Data Has Been Exposed
First of all, you need to confirm that the breach even occurred. You might have received an email saying that there has been a breach, but this could be a phishing attempt by scammers who are posing as the potentially breached company in an effort to steal your personal information. Instead of answering these potentially fake emails, go directly to the company’s website or call them to confirm the breach.
From there, you need to find out if your individual information was compromised and what type of data was stolen. The specific of data that was compromised will determine how you should move forward. If your credit card number was exposed, you can simple cancel the card and replace it, but if your Social Security number (SSN) or some other personal identifiable information (PII) was exposed, this could lead to bigger problems. Regardless of what data was stolen though, it is a good idea to change your online logins, passwords, and security questions to prevent cybercriminals from accessing your accounts.
Depending on what organization was breached, it might offer some help to protect you against identity theft. You should consider taking the offer, especially if your PII or SSN were exposed, as you will need to closely monitor your credit and finances. Having additional help on the matter will be essential. Also, be sure to contact your bank and credit card account companies immediately, working with them to close any potentially compromised accounts and resolve any fraudulent transactions.
Data breaches are becoming more and more frequent, so it is vital to be informed and act quickly when they do happen. If you you’re a victim of a data breach, keep these steps in mind to protect yourself. No one can prevent all identity theft or cybercrime, but by staying alert, communicating clearly, and taking proper safety precautions, you can mitigate their impact and stay safe!