Every morning, as soon as we wake up, we hear the alarming news about Data Security Breaches or the recent data breach that occurred or some MNC data that was breached or hacked. This is the scenario that occurs every second day. This causes a sense of insecurity in the minds of people and tends to scare them no end. People are now worried about the secured data that they provide in online media. People need to be extra cautious and extremely careful while providing their personal information and data in the digital platform.
What is data security breach?
Data Breach occurs when the personal data of a person gets accessed by some other person also known as a hacker. When the data of a person or an organisation geta accessed by these hackers without their knowledge, then the situation is referred to as data breach. The data which the hacker gets access to, is very sensitive and the personal information gets into the danger zone, when the hacker gets access to it. This threatening situation is possible in two different ways:
- By the hacker personally accessing the computer or network of the user and stealing the sensitive data and files.
- By the hacker, sitting at the comfort of his/her home and getting access to the target person’s computer data, or rather, by bypassing the network remotely and getting access to the desired data.
The second means i.e. by remotely having complete control over the data has become one of the most widely used techniques employed by the cyber hackers. This is one of the reasons for data breach – the data gets breached and the identity of the hackers is not known.
How data breach occur?
Below are some of the ways in which data breach occurs:
The cyber hackers always carry out the background research and act accordingly. For any hacking to be a success, background research is mandatory. Importantly, the cyber hackers look for weaknesses or a weak link of the target person or the target company. When they find this weak link, they use it against the person or the company. In other ways, this is the strength that the cyber hackers get and they use this for data breaching.
The cybercriminal slowly comes in contact with the users’ system or network and gains an upper hand on it. First, he/she tries to make a contact in the social media site of the user, then slowly digs into the details and gets full access to the user data. The time of the attack is not sudden, instead, it is very slow and he/she obtains the full data of the target user or the company.
Attack on Network or Social
When a hacker gets access to the company’s infrastructure, system, applications and also gets a hang of all the weakness of the company, he/she filtrates them to get access to the company completely. This is a network attack. On the other hand, social attack means tricking the employees of a particular organisation and getting all the data from him/her, like extracting information about- “How to get access to the organisation network?” This can lead to a situation wherein the employee is tricked and his/her user credentials are taken. They may even be asked to provide access to the attachments. This is a strategic malicious move, that can lead to a data breach in an indirect way.
Once the hacker gets complete access to one system in the network of the organisation, he/she can easily attack the whole company’s software system and gather all the essential and confidential data. If the hacker gets all the data successfully without any hurdles, then the mission of the hacker is accomplished. The company’s data is hacked and the data breach is successful.
Few of the biggest data breaches of the decade:
Below mentioned companies faced some of the biggest data breaches of the era:
Yahoo Security Breach
In the year 2013, a lot of Yahoo accounts-approximately 3 billion were hacked. Yes, you heard it right – 3 billion Yahoo accounts were hacked. It is considered as the biggest data breach of this era. All the users, of Yahoo, were affected by this data breach. The reason behind this mishap, has not yet been found. The US government suspect Russia to be the hacker behind this breach.
On March 2014, around 145 million customers of eBay received an email to change the password or reset the password. The data breach usually includes encrypted passwords that connect directly to the personal information of the person. Like all other data breaches, the cybercriminals got access to the users to account through the stolen login credentials. The twist here is, the hackers didn’t gather the credentials from the users, whereas they got it from the employees of eBay. Thankfully, the payment option of the users was safe, as it was linked to PayPal, which needed an encrypted password for completing the transaction. So, the users were just asked to change their passwords.
Equifax Security Breach
The Credit Bureau, Equifax was breached in the year 2017, due to which 143 million Americans and many other people from different countries got affected. The unique identities of thousands of people were stolen. Data Breach in Equifax took place several months before it was announced publicly. Equifax had a vulnerable open source software “Apache Struts”, from where the hackers got easy access to the customers’ accounts.
The recent data breach that took place was in September this year, when the world’s most used social media site, Facebook got hacked. Around 50 million Facebook accounts were hacked all over the world and 90 million people were sent emails for password resets. This was caused due to some technical glitches at Facebook’s end. Through this, hackers gained access to the private and confidential data of the users. The European Government has taken strict action against it, Facebook had to face the trial in the court and CEO of Facebook, Mark Zuckerberg had to be present in the court trials to testify himself.
The most recent one, on October 9th, Alphabet, announced that they are going to shut down Google+ soon. This was after the incidence of the data of 500,000 people being exposed. The reason here also was similar – the data got leaked because of the vulnerability in the application which made it easy to gain access for the hackers and the app developers to get into the personal data of the users and exploit it. The data actually was leaked earlier in March 2018, but it was reportedly leaked in October 2018. After a thorough check with the Google employees, it was found that the developers had no clue about it. Presently, all the user data is safe. Following this, a news came that the Google+ will soon be shut-down by Alphabet.
Social media outrages
All these kinds of data breach and the recent data breach that keep surfacing every now and then, make people worry about their valuable personal and sensitive information. People now are facing a big dilemma whether to feel secure with these digital sites or to avoid these sites.
October 16th morning-6:41 EDT: YouTube was down and the network was lost for almost two hours. Not only YouTube, Slack – a professional site for office usage got network Glitches on June 27th this year and lost its network for almost three hours, and people were not able to connect to their workplaces. Those three hours were said to be the most difficult time for the employees and the organisations.
What are all these things leading us to? Whether to believe social media or not? In my view, the data which is much sensitive and important should not be shared in any social platform. Instead, it should be kept at a place where the information would be safe. To secure your social media site, always use several options like double check while login, having security questions, connect to email and access only when scrupulously checked by you. These steps will help in making your information safe in the social media or in the digital platform.