Before, During and After Data Breach Attack

A data breach is an event that results in confidential, private, protected, or sensitive information being exposed to a person not authorized to access it. It can be the consequence of an accidental event or intentional action to steal information from an individual or organization. It is very likely that the breach damages the company’s reputation, and some smaller unprepared organizations might never recover from a major disaster. Reputational loss and decreased market value have often been cited as significant concerns. Loss of confidential data and compromising competitiveness of a firm can also cause havoc. Past events have shown that better prepared companies are able to survive an attack and continue their business operations. Active participation from senior decision makers can reduce the cost of data breach. Before computing became commonplace, a data breach could be something as simple as viewing an individual’s medical file without authorization or finding sensitive documents that were not properly disposed of. Data breaches did not begin when companies began storing their protected data digitally. In fact, data breaches have existed for as long as individuals and companies have maintained records and stored private information. Hackers and cybercriminals come up with new ways every day to steal sensitive information or personal data that they can potentially sell or ransom for money. Digital transformation has increased the supply of data moving, and data breaches have scaled up with it as attackers exploit the data-dependencies of daily life.There are a variety of technical factors that contributed to the inevitability of this security breach, but first and foremost in creating a sound security policy is limiting access. Some companies do a very poor job of formulating sound policies for granting access to the various databases and fail to implement adequate measures to ensure unauthorized users who did not have a specific need to access the data were denied access to client data. The secondary issue is the part about encryption; without question, if the data was encrypted, the task of decrypting and making useful information out of the data would have been a significantly more difficult task for the hackers.

?In some organizations,?Once the attackers gained access to one of their vendor environments, they could use the login credentials of a third party vendor to then open the front door. Once on the network, it was easy for the hackers to exploit a known zero-day vulnerability in Windows. The vulnerability allowed the hackers to pivot from the vendor environment to the main network. There are a variety of technical and human factors that contribute to the inevitability of a breach. In a majority of the cases, fingers have been pointed to the technical inadequacy of the enterprise. Occasionally we hear issues related to policy violations. Organizations can ensure that a coherent and a secure strategic posture be developed.?Security education, training, and awareness programs need to be established and monitored on an ongoing basis . All constituents are given access to cybersecurity strategic goals, which helps in inculcating ownership and hence complianceVarious stakeholders should be involved and encouraged to participate in cybersecurity decision-making, which helps with increased compliance. Reputational damage is significant following a data breach, particularly if a company fails to respond promptly. When a data breach responsibility is attributed to a company, it results in negative emotions, which in turn translates to negativeword of mouth and even severing relationships with the enterprise. The focus should be on proactive management. System that effectively reduces risks is going to be more resilient to the security breaches. Risk reduction means a deflection of risk and risk sharing. Also an ability of an organization to prepare for the surprises and effectively responding to the breach incidents characterizes organizational resilience. When a data breach occurs, post crisis communication is perhaps the only opportunity that a company has to repair its reputation. Corporate risk and resiliency planning are important for organizations to be able to bounce back from disruptions and thus retaining stakeholder confidence. Well-considered governance is at the core of any successful cybersecurity program. Many important aspects require consideration - policy, best practices, ethics, legality, personnel, technical,compliance, auditing, and awareness. Weak governance is often considered to be the cause of organizational crisis. Executive buy-in, fully understanding the risk profile, taking threat seriously, policy enforcement, training, employee screening, offline backup of critical data and invest intelligently in security, and keep systems updated would help to make attack difficult for the criminals.

When attack occurs, Survey the damage, attempt to limit additional damage, record the details, Engage law enforcement, notify those affected and learn from the beach. As global cyberattacks increase, organizations must plan around this imminent danger. Organizations must evaluate existing business continuity plans and ensure that information security strategy is included. For an organization to move ahead of the threat of cyberattacks, it must go beyond traditional security systems, and shift focus to more preventative solutions. Organizations must invest in tools that bring the organization to the front of cybersecurity, with a focus on prevention. Examples of some tools and techniques to have in place are Threat Detection, Network Traffic Inspection, Network Segmentation ansd Penetration Testing. As cybersecurity risks increase, it is important to ensure the organization’s workforce is using information systems safely and securely. All too often, business units find themselves creating their solutions when IT is not involved, which leads to a significant security risk. Even with perfectly functioning IT governance, it is important to check in with business units to ensure they are following policies and procedures. The best approach to ensuring security best practices is to perform continual IT assessments. Assessments, when supported by the organization, allow IT to review how individual business units are using technology to perform business functions. . Logins should be tracked and reviewed for any activity outside of what is expected. Systems that do not automatically log activity should have such logs created. Programs that employees download and websites they visit should be reviewed for potential risks. Let employees know tracking mechanisms are in place to ensure cybersecurity. This will discourage them from engaging in non-work related internet activities that can be risky. Informing employees informs the workforce that not only is monitoring most essential, but employee awareness of the practice is very important as well. Employees need to know how to recognize phishing attempts via phone, email, and other methods. Require strong passwords and enforce penalties up to and including termination for sharing them. Educate employees on how to recognize suspicious websites. Share stories of current security attacks in the news to explain how those companies were compromised and how the incident is affecting the business. Most employees are loyal to their company. They will gladly work to ensure its success if they are informed, understand how important their role is in cybersecurity, and feel as if they are part of the solution.?Research over the years suggests that employees are at the root of most cyberbreaches. Employees are most capable of an error—sending a confidential email to the wrong email address, forgetting to protect a sensitive document, or having their businessconnected mobile device stolen. While IT policies can be implemented to prevent most of these occurrences, employees may not always follow the policy, and will inadvertently put the business at risk.The best way to mitigate this risk is to put in place a security training program for the workforce.

Since the first major online data breaches were reported in 2005 (the biggest of which was 92m through AOL), a whopping 54 billion records have been impacted in breaches affecting 10 million records or more–and counting.The impact of a data breach on individuals can be devastating. It can cause financial loss, damage your credit score, and emotional distress. You may have to spend hours or even days sorting through your finances, canceling credit cards, and changing passwords to ensure that your personal information is secure. Studies show that 29% of businesses that face a data breach end up losing revenue. Of those that lost revenue, 38% experienced a loss of 20% or more. A non-functional website, for example, may cause potential customers to explore other options. But any IT system downtime can lead to work disruptions. All activities that occur during the breach should be carefully kept track of in order to ensure the courts award a fair amount. Employees who are victims of a company data breach have legal recourse. Suing an employer for putting personal data at risk and collecting compensation are practical options. Bitdefender Digital Identity Protection only needs your email address and phone number to crawl data leaked from breaches to see if your information was exposed. You get a full list of organizations that revealed your details and what type of personal information was exposed. A claim for data breach compensation could take anywhere from a few months to a few years to resolve. If you suffer any damage whether it is material, or emotional because of a data protection breach, then you have a right to make a claim for data protection breach compensation.The Information Commissioner's Office (ICO) enforces data protection. While any industry could be subject to a data breach, those most at risk are businesses that are closely involved with people's daily lives. Companies that hold sensitive data or personally identifiable information are common targets for hackers. If you have been receiving odd or strange messages from numbers you do not recognize, then someone might be monitoring your phone. Spyware commonly sends and receives texts without the phone user's knowledge. So, if you have been getting messages that feel like they are mid-conversation, then that might be a sign of spyware.

One of the ethical consequences of a data breach is the loss of privacy. Most companies have confidential data. But this type of exposure not only puts the privacy of individuals at risk, it also opens your entire organization and all of its records, communications.Loss of customer and stakeholder trust can be the most harmful impact of cybercrime, since the overwhelming majority of people would not do business with a company that had been breached, especially if it failed to protect its customers' data. Data breaches often expose highly personal information, including Social Security numbers and passwords. Company recovers from data breach by having an incident response plan and a business continuity plan in place can help with that. Strong security policies and procedures can also make prompt action easier. Give your company the tools it needs to respond to and emerge from the breach even stronger. It is believed the majority of schools across the U.S have also been targeted by the hack. As the implications of the attack continue to emerge, further breaches have been confirmed at Shell, Siemens Energy, Schneider Electric, First Merchants Bank, City National Bank, and a number of international targets. In the finance sector, the followings have been hacked as well, Equifax Data Breach, Heartland Payment Systems Data Breach, Capital One Data Breach, JPMorgan Chase Data Breach, Experian, Block, Desjardins Group, Westpac Banking Corporation. When you receive an alert that says my password has appeared in a data leak. The notice informs you that your login credentials have been compromised during a cyberattack or your password is leaked in a data breach. The usual recommendation is that you should immediately change your account password. Other notable major data breaches not previously discussed include: TK/TJ Maxx: 94 million records compromised in 2007, Sony PlayStation Network: 77 million records compromised in 2010, Sony Online Entertainment: 24.6 million records compromised in 2011, Evernote: 50 million records compromised in 2013, Living Social: 50 million records compromised in 2013, Target: 70 million records compromised in 2013, Ebay: 145 million records compromised in 2014, Home Depot: 56 million records compromised in 2014, JP Morgan Chase: 76 million records compromised in 2014, Anthem: 80 million records compromised in 2015, Yahoo: One billion records compromised in 2016, Deep Root Analytics: 198 million voter records in 2017. The side effects of these data breaches. Financial Loss, Reputational Damage, Operational Downtime, Legal Action and Loss of Sensitive Data.?

Data breaches can affect the brand's reputation and cause the company to lose customers. Breaches can damage and corrupt databases. Data breaches also can have legal and compliance consequences. Data breaches also can significantly impact individuals, causing loss of privacy and, in some cases, identity theft. Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems. The consequences can include destruction or corruption of databases, the leaking of confidential information, the theft of intellectual property and regulatory requirements to notify and possibly compensate those affected. After a data breach, Notify the affected parties of the situation. This also complies with regulatory bodies to report any cyber incidents and demonstrate intent to protect or restore sensitive data. Fix the breach and remediate risks to prevent future incidents and return the business to a fully operational state. While being a part of a data breach does not automatically mean your identity will be stolen, it does put you more at risk of becoming a victim of identity theft. The smartest way to protect yourself from these unsavory intruders is to make sure you're covered with identity theft protection. The GDPR gives you a right to claim compensation from an organisation if you have suffered damage as a result of it breaking data protection law. This includes both “material damage” (e.g. you have lost money) or “non-material damage” (e.g. you have suffered distress). While any industry could be subject to a data breach, those most at risk are businesses that are closely involved with people's daily lives. Companies that hold sensitive data or personally identifiable information are common targets for hackers. Criminal hacking—it is what causes the majority of data breaches. These are planned attacks by cybercriminals always looking to exploit computer systems or networks. Some common techniques include phishing, password attacks, SQL injections, malware infection, and DNS spoofing. One clear sign of a cyberhack is receiving an email about a password reset that you did not request. The most obvious explanation is that a hacker is attempting to reset your password and access your account. Never respond to a password reset you did not request. If your password has been exposed in a data breach, you should immediately change the password on all affected accounts. Data breaches often occur as a means of obtaining sensitive information to commit further cybercrimes, such as identity theft or fraud. You can bring a claim for a data breach against an organisation either in the public sector, private sector or charitable sector. In some cases, there may be more than one defendant. How to prevent a data breach: Create complex passwords, Use multi-factor authentication when available, Shop with a credit card, Watch for fraud, Guard against identity theft, Set up account alerts, and Update software. The cost of a breach goes beyond the amount of data lost or disclosed depending on the time it takes to find it.?

On average, companies take about 197 days to identify and 69 days to contain a breach according to IBM. This lengthy amount of time costs businesses millions of dollars. After a data breach, You should change all affected or vulnerable passwords immediately. Use a password manager and create new, strong passwords for each account, and refrain from reusing the same passwords on multiple accounts. That way, if a data breach happens again in the future, the damage may be limited. Companies may be liable for damages after an employee data breach. These damages can include issues like the cost of replacing credit or debit cards, the cost of monitoring reports or other costs related to emotional distress from the risk of identity theft. One way hackers profit from stolen data is selling it in masses to other criminals on the dark web. These collections can include millions of records of stolen data. The buyers can then use this data for their own criminal purposes. Once you identify the breach, it is essential to promptly contain and isolate the cyber attack. Disconnect compromised systems or networks from your infrastructure to prevent further unauthorized access. Firewalls, anti-virus software, and anti-spyware software are important tools to defend your business against data breaches. Work closely with an internet security team or provider to set these up correctly. A data breach puts your reputation at stake. This is easier said than done. A Forbes Insight report found that 46% of organizations had suffered reputational damage as a result of a data breach and 19% of organizations suffered reputation and brand damage as a result of a third-party security breach. IBM's latest Cost of a Data Breach report discovered that, in 2023, the average cost of a data breach globally reached an all-time high of $4.45 million. This figure represents a 2.3% increase from the previous year and a 15.3% rise from 2020. Common Causes of Data Breaches include Insider Threats Due to Misuse of Privileged Access, Weak and Stolen Passwords, Unpatched Applications, Malware, Social Engineering, Physical Attacks. According to statistics from Surfshark, the United States experiences the most data breaches of any country. In 2021, 212.4 million users were affected (compared to 174.4 million in 2020). In second place was Iran, with 156.1 million breached users in 2021 (up from 1.4 million in 2020). Hackers won't always change your account passwords. This means you still have access to your account, and you can prevent further or future attacks from happening. To change your password, simply use the “Forgot Password” link at your login page. Organizations can prevent data breaches by implementing security measures, such as regularly updating software and security patches, implementing strong password policies, training employees on cybersecurity, and securing networks with firewalls, intrusion detection and prevention systems, and encryption technologies.

Conclusion:

Data breaches can happen to any organization. Though, the attacker aims towards bigger corporations that have a lot at stake. Statistics show us that the cost of an attack is high and is increasing yearly. End users are almost never the target of cybercriminals who are out to steal sensitive information in bulk, unless an individual is connected to an industry . However, end users can be affected when their records were part of the information stolen from big companies. It is up to the company’s management to adopt a cybersecurity policy and data breach response plan. If a breach does occur, a good security response strategy should help mitigate the impact.?Following best practices can also reduce the impact if an attack does occur to aid in normalizing company operations more quickly.?Awareness and knowledge can save?from cyberthreat or minimize the damage if a cybersecurity breach takes place.

References:

www.american.edu/kogod/research/cybergov/upload/what-to-do.pdf

www.csoonline.com/article/534628/the-biggest-data-breaches-of-the-21st-century.html

https://tech.co/news/data-breaches-updated-list

https://www.upguard.com/blog/biggest-data-breaches-us

www.digitalguardian.com/blog/history-data-breaches

www.zevenet.com/blog/what-to-do-before-and-after-a-cybersecurity-breach/