Data Breach in IT with Digital Security
Data breach is an incident that involves the unauthorized or illegal viewing, access or retrieval of data by an individual, application or service. It is a type of security breach specifically designed to steal and/or publish data to an unsecured or illegal location.
Data breach also known as data leak has become a common phenomenon in the IT sector. A data breach occurs when sensitive personal data of a business or individual is stolen or retrieved unauthorised by an external entity often referred to as cybercriminals. Data breaches occurs when these cybercriminals by one of the various means gain access to sensitive data and use them for criminal purposes.
Some of the stolen data are used to steal the victim’s identity or extort money from the owners of the information, which can be an individual or a business, while some hackers or cybercriminals sell the stolen information in the dark web marketplace.
More often than not, victims of data breach are not always aware when it happens; they realise this only after the damage has been done.
The following methods are adopted by cybercriminals in data breach:
- Malware
- Hacking
- Attack from inside; this can result from using unapproved software or hardware and privilege misuse.
- Physical attacks such as hardware skimming on ATMs
- User error; such as leaving a computer unlocked and misplacing of media that contain sensitive data
- Social Engineering.
11
Data Breaches
Data breach can occur in two ways, either intentionally or unintentionally. Intentional data breach happens when a hacker gain access into a company’s or an individual system in order to access sensitive information; hackers gain access to systems by tricking the victim to install a malware tool which are often sent through email attachments or in websites.
Unintentional data breach occurs in a number of ways which may include the loss of a smartphone or laptop, accessing an unsecured website by an employee of an organisation, connecting to a Wi-Fi network that is not secured, losing or misusing corporate tools by an organisation’s employee, downloading compromised software on a work system among so many other ways.
The internet offers us flexibility and quick access to getting things done. The world has gone online and more of human life and business are being digitalised and automated. The danger associated with such development is the increased exposure of sensitive data, the more businesses automate and digitise, and they tend to give up more rights on their data, which increases the chance of a data breach. The whole scenario is becoming more of a nightmare than it ought to be, it is obvious that without proper and adequate digital security, the benefits of going digital may be overridden by the inherent danger of data leakage.