Security Breach

Any unauthorized access to a computer network, computer data, devices, or applications is considered a security breach. Typically, a security breach happens when an intruder is able to hack the system or bypass security mechanisms.

There are different types of security breaches depending on how the intruder was able to gain access. The intruder can use social engineering, in which they pose as an employee to contact the company’s IT staff and ask to have login credentials resent or reset. Hackers can also use drive-by downloads delivered to an employee through emails or website links. Malware attacks, ransomware attacks, exploitation of system vulnerabilities, and cracking weak passwords are some common ways for intruders to infiltrate the system.

Examples of a security breach

  • The 2018 Facebook security breach resulted in the loss of data from 29 million personal profiles including the profile of founder and CEO Mark Zuckerberg.
  • eBay had a major security breach in 2014 resulting in the credit card information leak of many customers.
  • Equifax suffered massive data loss in 2017 that gave hackers access to the Social Security numbers of 145 million Americans registered in the Equifax database.  

How much does a security breach cost? 

According to a report by IBM in 2021, the annual cost of a security breach is $4.24 million, rising 10% from last year. The analysis by IBM takes into account several cost factors including employee productivity, customer turnover, technical activities, regulation, legal, loss of brand equity, and other factors. The scope of the report by IBM included 537 security breaches in over 17 countries. The data was gathered by conducting 3500 interviews.

In the above-mentioned Equifax breach, bizjournals.com reported in February 2020 that the data leak cost the company $1.13 billion in the previous year alone.

How can businesses minimize the risk of security breaches? 

As intruders keep finding new ways and tools for security breaches, businesses need to continuously improve their security measures to protect their systems from intruders. Some good habits that be used by businesses to minimize vulnerability to security breaches include using strong passwords, closing dormant accounts, backing up files, using reputable anti-virus software, implement solid micro-segmentation strategies based on zero trust, and regularly training employees on best practices to keep their devices protected from intrusion.  

Security incident vs. security breach

A security incident is different from a security breach. A security incident could be an employee losing his work laptop, a malware infection, a distributed denial of service (DDOS), or other incidents that do not result in loss of data or access to a secured network. In a security breach, there is confirmed disclosure (within the company’s infosec team at least) that the breach took place, not just potential exposure of data to an unauthorized party. 

Ali Azhar
Ali Azhar
Ali is a professional writer with diverse experience in content writing, technical writing, social media posts, SEO/SEM website optimization, and other types of projects. Ali has a background in engineering, allowing him to use his analytical skills and attention to detail for his writing projects.

Related Articles

RSA SecurID

RSA SecurID is multi-factor authentication (MFA) technology used to protect network resources, such as applications and websites. Its purpose is to mitigate risk and...

IoT Security

IoT (Internet of Things) security helps enterprises protect their networks from threats exacerbated by internet-connected devices, which often aren't designed with advanced security features...

Identity and Access Management (IAM)

Identity and access management (IAM), also known as identity management (IdM), is a combined term used to create and manage digital and electronic user...

Password Fatigue

Password fatigue is the term given to the feeling of exhaustion or resistance to creating and using complex passwords. This behavior often results in...

AutoIt Scripting Language

AutoIt is a popular and easy-to-learn scripting language used by developers since 1999...

HighLevel CRM

HighLevel is a sales and marketing customer relationship management (CRM) solution designed by...

Unified Endpoint Management (UEM)

As enterprise networks become increasingly distributed with growing numbers of remote workers, unified...