What exactly is a data breach and why should I care?
Kurt "CyberGuy" Knutsson goes in depth with what actually happens after a data breach, when an unauthorized person gains access to private information.
Data breaches have become common, and if you’ve actively used online services in the past year, you might have been affected by them. For example, the Advance Auto Parts breach exposed more than 2.3 million users' personal information, while a recent AT&T incident allowed hackers to access around six months of customer call and text interactions. But what do bad actors do with all this data?
John from Jackson, Mississippi, asked a similar question that I want to highlight and address because it helps all of us:
"What do you mean when you say a company has exposed 2.3 million or whatever in a data breach? This happens often, but there is never any follow-up. It’s like throwing address labels in a trash can, and then they are carried to the landfill. So? What really happens with a data breach?"
I get what you’re saying, John. Data breaches make headlines, but you rarely hear about the fallout. It's tough to link a specific breach to a specific problem later on. Below is a detailed look at what a data breach actually means.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
A data breach occurs when an unauthorized person gains access to information that is meant to be confidential, private, protected or sensitive. Think of it this way: You have personal information that you trusted a friend with, but while sharing it, someone who wasn’t supposed to know it overheard it.
A real-life example is the AT&T data breach mentioned earlier. Your call logs and text interactions that were meant to be private and which you trusted AT&T to protect ended up in the hands of hackers. These details can now be used by bad actors to scam you.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
Data breaches can happen in a few ways. Hackers might target specific organizations or launch broad attacks hoping to steal certain kinds of data. They can also use targeted cyberattacks to go after specific individuals.
Sometimes, data breaches occur due to honest mistakes or oversights by employees. Weaknesses in an organization's systems and infrastructure can also leave them vulnerable to data breaches.
MASSIVE DATA BREACH EXPOSES 3 MILLION AMERICANS' PERSONAL INFORMATION TO CYBERCRIMINALS
Here’s what typically happens in a data breach that’s deliberately caused:
Research: Cybercriminals often begin by identifying a target, such as a large corporation like AT&T, focusing on the type of data they want, which could include personal customer information. They search for weaknesses in the company's security, which might involve exploiting system flaws or targeting network infrastructure.
Attack: The attackers make their initial move using either a network or social attack. Common methods include phishing attacks, where individuals are tricked into revealing personal information; malware attacks that can steal or encrypt data; and denial-of-service attacks that disrupt services. These tactics can compromise the personal information of customers, such as names, addresses, phone numbers and even payment information.
Exfiltration: Once inside the company's systems, cybercriminals tunnel their way to confidential data. For individuals, this means that their personal information can be extracted and sold on the dark web, used for identity theft or for other malicious purposes. The impact on individuals can be severe, including financial loss, damage to credit scores and the emotional stress of having personal information exposed and misused.
WORLD'S LARGEST STOLEN PASSWORD DATABASE UPLOADED TO CRIMINAL FORUM
Once the hackers obtain protected and confidential data, they have various ways to profit from it. They can use compromised data for illegal activities, including identity theft, financial fraud, spamming or even extortion. Information such as email addresses and phone numbers can be used in phishing scams.
Sometimes, this data is also posted on dark web forums for sale. It can be purchased by other criminals, who may use it for various illicit activities. Just as you don’t hear about every burglary, homicide or battery, you don’t hear about each instance of these criminal activities.
They only make headlines when something significant occurs, such as the incident where hackers scammed a Colorado woman out of $25,000 or when a man was arrested for scamming a Kalispell, Montana, woman of $150,000.
Data breaches impact not only customers but also the companies involved. These companies may face government fines or lawsuits. For example, AT&T is currently dealing with a class-action lawsuit due to a security breach in 2022 that exposed months' worth of data from nearly all its customers. Similarly, T-Mobile is facing a lawsuit related to a data breach that affected millions of people.
CYBERCRIMINALS TAKING ADVANTAGE OF CROWDSTRIKE-LINKED GLOBAL COMPUTER OUTAGE
It’s primarily the responsibility of companies or online services to keep your data safe, but if it gets exposed, here are some tips to keep in mind:
If hackers have recorded your passwords, they could access your online accounts and steal your data or money. ON ANOTHER DEVICE (i.e., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, social media, etc. You want to do this on another device so that the hacker isn’t recording you setting up your new password on your hacked device. And you should also use strong and unique passwords that are hard to guess or crack. You can also use a password manager to generate and store your passwords securely.
Activate two-factor authentication (2FA) for an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.
You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, immediately report it to the service provider or authorities. You should also review your credit reports and scores to see if there are any signs of identity theft or fraud.
If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should inform your bank and credit card companies of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges and issue new cards for you.
You should also contact one of the three major credit reporting agencies (Equifax, Experian or TransUnion) and request a fraud alert to be placed on your credit file. This will make it more difficult for identity thieves to open new accounts in your name without verification. You can even freeze your credit, if need be.
Consider investing in personal data removal services that specialize in continuously monitoring and removing your personal information from various online databases and websites. These services employ advanced tools and techniques to identify and eliminate your data from people-search sites, data brokers and other platforms where your information might be exposed. By using a data removal service, you can minimize the risk of identity theft and fraud, especially after a data breach. Additionally, these services often provide ongoing monitoring and alerts, keeping you informed of any new instances of your data appearing online and taking immediate action to remove it. Check out my top picks for data removal services here.
Identity theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.
If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.
The impact of a data breach may not be immediate, but once your data is on the internet, it can be misused by bad actors. They can steal your hard-earned money, cause emotional and mental harm or affect your loved ones. So, even if you don’t see the immediate impact of a data breach, take action. Ensure your devices are protected, and keep a close eye on your bank accounts.
Have you ever noticed unusual activity in your accounts after a data breach was reported? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you'd like us to cover.
Follow Kurt on his social channels:
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.