The 3 Most Common Types of Data Breaches — And How to Prevent Them
Whenever we hear the term “data breach,” most of us automatically envision hackers breaking into secure databases from some shady underworld location and downloading reams of data that they then use for some nefarious purpose.
While that is certainly one type of data breach, there are actually several different ways that data can be compromised, all of which can be equally devastating to victims. It’s important for businesses to understand these different types of breaches to protect against them. After all, in one recent high-profile breach, experts claimed that part of the reason it was successful was that the company was so focused on preventing one type of breach that it didn’t spot other problems developing until it was too late.
In general, there are three main causes of data breaches: Physical theft, skimming, and cybercrime. Often, criminals will use a combination of techniques to ensure the maximum payload from their efforts, but in most cases, the breach starts in one of these areas.
1. Physical Theft
Physical theft is exactly what it sounds like: A criminal physically steals information. This could mean that a computer, server, or mobile device is taken, or that physical records, such as receipts and customer files, are taken without authorization. While it might seem like physically stealing data would be challenging, such incidents actually account for more than 20 percent of all large data breaches overall; within the health care field, physical theft was the cause of almost half of all data breaches. In fact, one of the largest data breaches of all time, which potentially compromised the personal information of hundreds of thousands of veterans, stemmed from the theft of a laptop from a Veterans Affairs worker’s personal vehicle.
Because physical theft presents a real risk to data, it’s important to treat physical security with the same level of attention as cybersecurity. This means monitoring and restricting access to data storage and processing areas, enforcing strict policies regarding BYOD and remote access, developing policies regarding the locking and protecting of computers and mobile devices, and training employees to be aware of suspicious activity. Strict policies that govern the disposal of old data are also important; thieves are not above searching through the garbage to find useful information.
2. Skimming
Skimming is the theft of data contained in the magnetic strip on the back of a credit or debit card. The magnetic strip contains all sorts of information that can be useful to a thief: the account number, expiration date, cardholder’s name and address, the PIN number, and more. Armed with that information, a criminal can not only go on a spending spree, but may be able to use that data to gather even more information about the victim, which can lead to identity theft and other issues.
Skimming usually happens in one of two ways. In some cases, unscrupulous employees will use small devices to skim the data from cards when out of view of the cardholder, such as when a waiter takes a credit card to pay the bill at a restaurant. In other cases, criminals are able to tamper with card readers at point-of-sale (POS) locations like gas pumps or ATMs, and install readers that steal the information from the card. Some skimmers may also be equipped with pinhole cameras to capture the PIN as it’s entered.
Protecting POS terminals against skimmers relies on vigilance and close monitoring to prevent tampering. Experts recommend regularly opening or disassembling the terminal to ensure that it has not been compromised; if you find evidence of tampering, you could have a data breach and need to respond accordingly.
3. Cybercrime
Cybercrime is, overall, the most common source of data breaches. This includes cyberespionage, Web application attacks, denial-of-service attacks, malware, and viruses. For example, one recent major breach was caused by malware that attacked POS terminals, collecting data from customers who paid using credit or debit cards. Applications called packet sniffers are commonly used by criminals to intercept data being shared over secure networks, including financial information and customer personal data.
Protecting against cybercrime is a major priority for any company that collects customer information, and usually involves ensuring that virus protection is kept up to date, installing intrusion detection and prevention software, maintaining firewalls, keeping logs of activity on sensitive networks, and following industry standards for data protection.
Every day, businesses are under attack on multiple fronts, and realizing that data breaches can stem from several different sources allows for a more comprehensive protection and response plan. Never assume that your data is safe because you have the best electronic protection, or because you don’t use POS terminals. Criminals want your data, and they will try anything to get it.