In literal terms, to breach refers to an act of breaking as in breaking of a law, or of an agreement or violation of a contract or an obligation. Where it concerns our constant and daily involvement with the computer, a data breach is an act where an encrypted database is broken into and hacked, and the sensitive information within is greatly compromised. In such a case, the data referred to here, is the sensitively private, protected and confidential information as in customer or patients’ records which are required by Federal regulations to be protected. The data that is breached would generally involve personal information that identifies a person, secrets of certain trades or even of intellectual property.
For the most part though, the term “data breach” is often used to describe the stealing of data- a devious act by unauthorized people. These would be the hackers, fraudsters or modern-day spies. For a breach to have happened it only needs to be viewed. If it is, in fact, copied and sent out to dubious parties who do not have any authority over such data, the consequences could be disastrous.
Data Breach Leading To Grave Cybercrimes
When information is lost due to data breach, this actually forms the first step towards serious online crimes like identity theft, fraud involving credit cards or those that have to do with the banking system and processes. For these crimes to happen, these thieving rascals usually target data such as credit card numbers, bank account numbers, numbers of social security members, and Personal Identification Numbers (PINs).
Accidental Data Breach
The term “data breach” is also, sometimes used to describe the unintentional, inadvertent release of some sensitive and private data accidentally, through simple carelessness of an authorized person. Incidents of this nature have been known to happen from the nonchalant, devil-may-care handling of laptops or CD-ROMs. While no malicious intent is ever ascribed to such accidents, the potential consequences are nevertheless serious.
In many cases, when such a thing happens, where personal information is lost, the authorities require the organizations or the companies (in whose safekeeping such data is stored) to give notice to everyone whose information is compromised, even with the absence of malicious intent or even if there is very little risk of it.
Network of Cybercriminals
It is reported that there is today a worldwide network of cybercriminals and hackers solely dedicated to the stealing sensitive and confidential information. The spoils from these thieving crimes are then sold to a black market where the stolen data is traded in and can change hands several times.
The Prevention of Identity Theft
By a way of protection, there exist in the information security industry various guidelines and regulation mandates which govern the protection of confidential data against data breach. This covers a critical range, from the payment card industry data security standards to the Health Insurance Portability and Accountability.