Data Security Breach: What They Are, How They Happen + More

Data is more valuable than ever to organizations. In addition to providing them with a better understanding of their consumers, data also allows organizations to improve their decision-making with actionable insights. However, just as data becomes increasingly valuable to businesses, so does its value for cybercriminals hoping to access it for malicious purposes. 

Data security breaches, which occur when sensitive data or information is improperly accessed, pose a threat to consumers and businesses alike. While customers face the prospect of their personal information being stolen and used for crimes like identity theft and payment card fraud, data breaches expose organizations to potential lawsuits, revenue loss, and the loss of privately held assets. 

In this article, you'll learn more about data security breaches, including what they are, how they happen, and methods to prevent them. You'll also explore cybersecurity and get tips on how you can start gaining job-relevant skills today. 

What is a data security breach? 

A data security breach occurs when unauthorized individuals or groups, such as hackers or cybercriminals, access sensitive information held by an organization. Some confidential information accessed and stolen by bad actors during a data breach includes corporate assets and personally identifiable information (PII) like social security numbers (SSN), credit card numbers, email addresses, and other personal data. 

According to IBM’s Cost of a Data Breach Report 2023, the average total cost of a breach reached an all-time high of $4.45 million that year, representing a 2.3 percent increase from 2022 [1]. The industries with the most costly data breaches that year included health care, finance, pharmaceuticals, energy, and manufacturing.  

Data breach examples 

Data breaches are on the rise. According to the Identity Theft Resource Center (ITRC), data breaches increased by 78 percent between 2022 to 2023, rising to a total of 3,205. This figure represents a significant increase compared to the previously already high number of 1,860 in 2021 [2]. 

The rapid expansion of digital technology powered by data collection likely contributed to this change. Organizations collect substantially more data today than ever before, increasing the number of opportunities for malicious actors to gain unauthorized access to data as well. 

Some notable examples of real-world data breaches that may have impacted you or someone you know include the following: 

Yahoo, 2013-2014: Between 2013 and 2014, a series of cyberattacks compromised more than 3 billion user accounts [3]. The data breach is one of the largest known in the history of the internet. 

Facebook, 2019: In 2019, Facebook discovered a data breach that impacted over 530 million users. Their account names, phone numbers, locations, and, in some cases, emails were leaked and posted on an online hacking forum [4]. The hack affected users from 106 countries. 

AT&T, 2024: In March 2024, an AT&T data breach found that hackers exposed personal information, such as social security numbers from 2019 data, affecting about 7.6 million current and 65.4 million former customers [5].

Causes of data security breaches

The leading cause of data breaches is weak and stolen user credentials, but data security breaches can occur for many different reasons. These causes range from simple system errors to the actions of malicious insiders and the result of targeted malware attacks. According to IBM’s Cost of Data Breach Report 2023, the most frequent attack vectors used by hackers and their costs are as follows [1]: 

1. Phishing attacks: $4.76 Million

2. Stolen or compromised credentials: $4.62 Million

3. Unknown (zero-day) vulnerabilities: $4.45 Million

4. Cloud misconfiguration: $4.00 Million

5. Business email compromise: $4.67 Million

6. Social engineering: $4.55 Million

7. Physical security compromises: $4.10 Million

8. Malicious Insiders: $4.90 Million

9. Accidental data loss or lost/stolen devices: $4.46 Million

10. Known unpatched vulnerabilities: $4.17 Million

11. System errors: $3.96 Million

The report also found that attacks involving stolen or compromised credentials and malicious insiders took the longest to identify and contain, requiring nearly 11 months and ten months to resolve, respectively. While the causes of data breaches may vary considerably, they pose a serious risk to organizations and consumers. 

How do data security breaches happen? 

Although data security breaches can stem from many different causes, cybersecurity attacks usually follow the same basic pattern. Generally, cyberattacks have five distinct phases, which cybersecurity professionals can analyze to help them devise protections against possible attacks. These five phases are as follows: 

1. Research and surveillance: The hacker gathers information about the target, their systems, and any possible vulnerabilities.

2. Scanning: The hacker identifies a way to infiltrate a system and gain access to information.

3. Access and infiltrate: The hacker executes their plan and gains initial access to their target system, operating systems, or applications.

4. Maintain access: The hacker secures their access to the system and seeks to maintain it by using rootkits or Backdoor attacks. The hacker steals the target data, such as personal and financial information.

5. Cover their tracks: The hacker covers their tracks to conceal their identity, the method of attack, and what they stole. 

In some cases, organizations hire ethical hackers, or “white hat hackers,” who attempt to hack into their systems, identify vulnerabilities, and develop solutions to resolve them. Many organizations also have “bug bounty” programs that compensate ethical hackers for identifying possible bugs or vulnerabilities to limit potential data breaches before they occur. 

Read more: 4 Ethical Hacking Certifications to Bolster Your Career

What can a data breach cause?

The consequences of a data breach can be far-reaching. For businesses, concerns include damage to their reputation, which can result in plummeting stock prices and other financial losses. It can also increase operational expenses and leave the company vulnerable to legal consequences and liabilities. Identity theft is the primary concern for individuals, and it can have significant financial implications.  

How to prevent data security breaches

Organizations can promote data protection using various strategies, including data encryption and employee education. While no single method ensures data remains completely secure, many practices can lower the risk of a data breach when implemented together. The following provides more details about five practices that can help an organization protect its data from breaches: 

1. Encrypt all data. 

Organizations should encrypt all of their data for storage and transmission from one location to another. Data encryption turns readable “plaintext” into “ciphertext” that uses a key associated with a string of numbers or a password generated by an algorithm to decrypt the data. Keys are so complex that they can resist brute force attacks or cyberattacks that seek to break passwords using computer programs. 

2. Restrict data access. 

Few people need access to all of an organization’s data. Rather than granting data access to every employee or contractor, it’s safer for organizations to establish clear guidelines on who can access what data and when. 

3. Keep a data inventory. 

A data inventory, or data map, is a catalog that records all of an organization's data and where it’s stored. This enables organizations to note the location of particularly sensitive data and establish best practices to protect it from unauthorized access.  

4. Patch and secure infrastructure and networks. 

As IBM’s Cost of Data Breach report indicates, hackers increasingly exploit zero-day vulnerabilities to access organizations’ internal systems. So, it’s more important than ever for IT professionals to patch vulnerabilities proactively. At the same time, they must also ensure that the organization’s network is safe from attackers through firewalls, intrusion detection systems, and other commonly used data protection methods.  

5. Educate employees. 

Employee training is critical to establishing data security within an organization. As a result, it’s imperative that organizations provide their employees with the guidance and training they need to ensure that data remains safe and secure. Training often covers topics such as best practices for setting passwords, information-sharing protocols, and properly using the data protection tools within the organization. 

Read more: 9 Cybersecurity Best Practices for Businesses

Build your cybersecurity skills on Coursera

Robust data protection is central to the operation of many modern organizations. If you’re interested in learning more about cybersecurity or joining the field yourself, you might consider building foundational knowledge or expanding your existing skills on Coursera.

In Google’s Cybersecurity Professional Certificate, you’ll learn how to identify common risks, threats, and vulnerabilities to security systems and techniques to mitigate them. Get job-ready in less than six months by receiving professional-level training from cybersecurity experts at Google.