What Is a Data Security Breach? Definition, Causes, and How to Protect Your Data

Data is more valuable than ever to organizations. In addition to providing them with a better understanding of their consumers, data also allows organizations to improve their decision-making with actionable insights. But, just as data becomes more and more valuable to businesses, so too does it increase in value for cybercriminals hoping to access it for malicious purposes. 

Data breaches pose a threat to consumers and businesses alike. While customers face the prospect of their personal information being stolen and used for crimes like identity theft and payment card fraud, data breaches expose organizations to potential lawsuits, revenue loss, and the loss of privately held assets. 

In this article, you’ll learn more about data security breaches, including what they are, how they happen, and some ways to prevent them. At the end, you’ll also find suggested cost-effective courses that can help you learn more about cybersecurity and start gaining job-relevant skills today. 

What is a data security breach? 

A data security breach occurs when unauthorized individuals or groups, such as hackers or cybercriminals, access sensitive information held by an organization. Some of the confidential information accessed and stolen by bad actors during a data breach includes corporate assets and personally identifiable information (PII) like social security numbers (SSN), credit card numbers, email addresses, and other personal data. 

Perhaps unsurprisingly, data security breaches are costly to businesses. According to IBM’s Cost of a Data Breach Report 2023, the average total cost of a breach reached an all-time high of $4.45 million that year, representing a 2.3 percent increase from 2022 [1]. The industries with the most costly data breaches that year – per the report – were health care, finance, pharmaceuticals, energy, and manufacturing.  

Real-world examples 

Data breaches are on the rise. According to research published on Statista in August 2023, the number of data compromises in the United States stood at 1,802 cases in 2022 [2]. That’s significantly higher than the 2005 figure, which pegged the number of compromises at just 157. 

The rapid expansion of digital technology powered by data collection likely contributed to this change. There is much more data collected and more organizations collecting it today than ever before, so there are simply more chances to gain unauthorized access to data than ever before too. 

Two notable examples of real-world data breaches that may have impacted you or someone you know include the following: 

• Yahoo, 2013 - 14: Between 2013 and 2014, Yahoo was subjected to a series of cyberattacks that resulted in more than 3 billion of its user accounts being compromised [3]. The data breach is considered to be the largest known in the history of the internet. 

• Facebook, 2019: In 2019, Facebook discovered a data breach that impacted over 530 million users, who had their account names, phone numbers, locations, and, in some cases, emails leaked and posted on an online hacking forum [4]. The hack affected users from 106 countries. 

Causes of data security breaches

Data security breaches can occur for many different reasons. These causes range from simple system errors to the actions of malicious insiders and the result of targeted malware attacks. According to IBM’s Cost of Data Breach Report 2023, the most frequent attack vectors used by hackers and their costs are as follows [1]: 

1. Phishing attacks - $4.76 Million

2. Stolen or compromised credentials - $4.62 Million

3. Unknown (zero-day) vulnerabilities - $4.45 Million

4. Cloud misconfiguration- $4.00 Million

5. Business email compromise - $4.67 Million

6. Social engineering - $4.55 Million

7. Physical security compromises - $4.10 Million

8. Malicious Insiders - $4.90 Million

9. Accidental data loss or lost/stolen devices - $4.46 Million

10. Known unpatched vulnerabilities - $4.17 Million

11. System errors - $3.96 Million

The report also found that attacks involving stolen or compromised credentials and malicious insiders took the longest to identify and contain, requiring nearly 11 months and ten months to resolve, respectively. While the causes of data breaches may vary considerably, they all pose a very serious risk to both organizations and consumers. 

How do data security breaches happen? 

Although there are many different causes of a data breach, the form that a cybersecurity attack takes typically follows the same basic pattern. Generally, cyberattacks can be broken down into five distinct phases, which cybersecurity professionals can analyze to help them devise protections against possible attacks. These five phases are as follows: 

1. Research and reconnaissance. The hacker gathers information about the target, their systems, and any possible vulnerabilities.

2. Scanning. The hacker identifies a way to infiltrate a system and gain access to information.

3. Access and infiltrate. The hacker executes their plan and gains initial access to their target system, operating systems, or applications.

4. Maintain access. The hacker secures their access to the system and seeks to maintain it by using rootkits or Backdoor attacks. The hacker steals the target data, such as personal and financial information.

5. Cover their tracks. The hacker covers their tracks to conceal their identity, the method of attack, and what they stole. 

In some cases, organizations hire ethical hackers, or “white hat hackers,” who attempt to hack into their systems, identify any vulnerabilities, and develop solutions to resolve them. Many organizations also have “bug bounty” programs that provide ethical hackers with compensation for identifying any possible bugs or vulnerabilities to limit any possible data breaches before they occur. 

Read more: 4 Ethical Hacking Certifications to Bolster Your Career

Data breach prevention

There are many ways that organizations can promote data protection. While there is no single method that ensures data remains completely secure, there are many practices that can lower the risk of a data breach when implemented together. Here are five practices that can help an organization protect their data from breaches: 

1. Encrypt all data. 

All data held within the organization should be encrypted both where it is stored and when it is in transit from one location to another. When data is encrypted, it’s turned from readable “plaintext” into “ciphertext” that can only be decrypted using a key associated with a string of numbers or a password that is generated by an algorithm. Keys are so complex that they resist brute force attacks or cyberattacks that seek to break passwords using computer programs. 

2. Restrict data access. 

Few people need access to all of an organization’s data. Rather than granting data access to every employee or contractor who works for the organization, it’s safer for organizations to establish clear guidelines on who can access what data and when. 

3. Keep a data inventory. 

A data inventory, or data map, is a catalog that records all of the data held within an organization and where it’s stored. This enables organizations to note where particularly sensitive data may be stored and to establish best practices to protect it from unauthorized access.  

4. Patch and secure infrastructure and networks. 

As IBM’s Cost of Data Breach report indicates, hackers are increasingly exploiting zero-day vulnerabilities to gain access to organizations’ internal systems. So, it’s more important than ever for IT professionals to patch vulnerabilities before they are discovered and exploited by bad actors. At the same time, they must also make sure that the organization’s network is guarded against attackers through the use of firewalls, intrusion detection systems, and other commonly used methods of data protection.  

5. Educate employees. 

Employee training is critical to establishing data security within an organization. As a result, it’s imperative that organizations provide their employees with the guidance and training they need to ensure that data remains safe and secure. Training often covers topics such as best practices for setting passwords, information that can and cannot be shared, and how to use the data protection tools within the organization properly. 

Read more: 9 Cybersecurity Best Practices for Businesses in 2023

Learn more about cybersecurity on Coursera

Good data protection is central to the operation of many modern organizations. If you’re interested in learning more about cybersecurity or joining the field yourself, you might consider taking a cost-effective, flexible course through Coursera. 

In Google’s Cybersecurity Professional Certificate, you’ll learn how to identify common risks, threats, and vulnerabilities to security systems, as well as techniques to mitigate them. Get job-ready in less than six months by receiving professional-level training from cybersecurity experts at Google.