Data Breach Defined & Ways To Prevent One in 2025

Data breaches are on the rise. Every day, we see news articles like these: "Major Data Breach Hits ABC Corporation: Millions of User Records Compromised"."GHI Retail's Customer Data Exposed: A Wake-Up Call for E-commerce Security"."LMN Health's Patient Information Compromised: Largest Data Breach in Healthcare History".

Whether another major breach at a big company like LinkedIn or Equifax, or smaller leaks at a Mom & Pop e-commerce shop, it feels like no one is safe from the growing threat of data breaches.

Data breaches can happen in many ways — ransomware, phishing, accidental exposure — but one thing is clear: our data is being breached all the time.

A sample of news articles about data breaches, Googled on 8 January 2024.

Data breach trends

In fact, more than half of all organizations experienced a data breach in the last year. That’s at least one out of every two orgs. More trends:

• Ransomware breaches have an average total cost of $5.13 million, 13% higher than in 2022.
• Healthcare breaches in particular are significant: they’ve increased increasing 53.3% since 2020.
• Phishing has a cost of $4.8 million in 2023, making it the most expensive initial attack vector.

With each new headline, you may find yourself sighing and shaking your head, wondering how these companies keep letting people's personal information fall into the wrong hands.

One main reason for more data breaches? The growing amount of digital information being collected and stored by companies. In today's world, organizations rely heavily on technology for various aspects of their operations — from storing customer data, conducting financial transactions, doing R&D.

With the rise of cloud computing, the amount of sensitive data being generated and collected is only increasing. The more data, the bigger any attack surface for cybercriminals to exploit.

It's no longer enough to rely on traditional security measures like firewalls and antivirus software — additional layers of protection are necessary. Data breaches can occur anywhere, at any time, and the consequences can be dire.

What are data breaches?

While the terms 'data breach' and 'cyberattack' are often used interchangeably, they represent distinct yet interconnected concepts in the realm of cybersecurity.

A cyberattack is a broader term that refers to any type of offensive maneuver employed by individuals or whole organizations that target computer networks, system infrastructures, or personal computer devices, using various methods to steal, alter, or destroy data. The term ‘security breach’ is used in this context, too.

A data breach, on the other hand, is a specific type of cyberattack where unauthorized access is gained specifically to confidential, sensitive, or protected data. It involves a successful attempt to infiltrate a data source and extract sensitive information which can include:

• Personal data: social security numbers, addresses, medical records
• Financial data: credit cards, bank account details, tax filings
• Intellectual property (IP): trade secrets, patents, business strategies

While all data breaches are a form of cyberattack, not all cyberattacks necessarily result in a data breach. For example, a ransomware attack that locks up a company's customer data and threatens to sell it if the ransom isn't paid is a data breach. However, a distributed denial of service (DDoS) attack that overwhelms a website is not considered a data breach because no sensitive information was stolen.

(Get to know the most common security breach types.)

The significance of data breaches

The impact of a data breach can be far-reaching for both individuals and organizations. For individuals, their personal information may be compromised, leading to identity theft or financial loss.

For organizations, the consequences of a data breach can include financial losses from legal fees and regulatory fines, damage to reputation and trust, and potential loss of customers.

Outside of the immediate consequences, a data breach can also have long-term effects such as increased cybersecurity regulations and stricter data protection laws, which can be costly and time-consuming for organizations to comply with.

(Related reading: data exfiltration & using Splunk to detect DNS exfiltration.)

Causes of data breaches

The majority of data breaches are caused by intentional hacking or malware attacks by either external or internal actors. Common methods used to gain unauthorized access include:

• Exploited vulnerabilities in software or networks
• Social engineering tactics, such as phishing emails
• Weak passwords or lack of password protection on sensitive files
• Insufficient encryption of data

But those aren’t the only ways that breaching data can happen. Breaches can also occur by:

• Insider threat or leak occurs when a person of trust or authority, granted access privileges, illicitly acquires and misuses data.
• Payment card fraud involves the theft of payment card data through the use of physical skimming devices.
• Loss or theft. Data breaches can result from the loss or theft of physical items such as portable drives, laptops, office computers, and files.
• Unintended disclosure. Sensitive data may be exposed due to mistakes or negligence, leading to unintended disclosure.
• Unknown method. In a small number of cases, the actual breach method is unknown. (Beware, if it’s undisclosed publicly, it does not mean the victims do not know the reason for it.)

Notable examples of data breaches

An unfortunate part of the digital age, data breaches are not a problem limited to small businesses or websites. Indeed, high-profile companies with seemingly robust security measures have fallen victim to these attacks over the years.

Below are four examples of high-profile data breaches that have unfolded in the last decade.

Yahoo! Data Breach, 2013

Estimated Number of Records Impacted: 3 billion
Type of Breach: Theft of personal information
Breached Information:  Names, email addresses, phone numbers, security questions and answers, date of birth, and hashed passwords

Consequences:

• Severe impact on Yahoo!'s reputation and user trust
• Data breach happened mid-acquisition by Verizon, reducing the purchase price by $350 million
• Multiple lawsuits and investigations post-acquisition concerning the breach

Considered one of the largest data breaches in history, this case serves as a stark reminder for companies about the severe consequences of data breaches, both financially and in terms of damaged reputation and trust.

First American Corporation Data Breach, 2019

Estimated Number of Records Impacted: 885 million
Type of Data Breach: Design flaw in website exposing sensitive records dating back to 2003
Breached Information: Bank account numbers, statements, mortgage and tax records, social security numbers, wire transaction receipts, and driver's license images

Consequences:

• First American paid a $1 million settlement with the New York State Department of Financial Services
• Sharp decline in stock prices
• Severe reputational damage

This incident underscored the importance of robust cybersecurity measures and the potential for severe financial and reputational damage when they are insufficient.

Facebook Data Breach, 2019

Estimated Number of Records Impacted: 540 million
Type of Data Breach: Poor security practices
Breached Information: Users' account names, IDs, details about their comments, likes, and reactions

Consequences:

• Severe user and regulatory backlash
• Intense scrutiny and investigations by regulatory bodies worldwide including the FTC
• Significant hit to reputation and trust
• $5 billion fine by the FTC

The largest fine in history for a data breach, demonstrating the severe implications of such security lapses. This case also highlights the responsibility of companies to protect their users' data and the potential for heavy penalties when they fail to do so.

(Learn why more organizations are paying attention to the concept of software liability.)

Marriott International Data Breach, 2018

Estimated Number of Records Impacted: 500 million
Type of Data Breach: Unauthorized access to Starwood division's guest reservation database
Breached Information: Contact details, passport numbers, Starwood Preferred Guest account information, and encrypted credit card information

Consequences:

• Several lawsuits and global regulatory investigations
• Marriott paid a $123 million fine by the United Kingdom's Information Commissioner's Office (ICO)
• Significant impact on Marriott's reputation

The breach significantly impacted Marriott's reputation, highlighting the importance of stringent security measures, particularly in industries dealing with vast amounts of personal customer data.

Lessons learned from high-profile data breaches

Data breaches pose a serious threat to organizations of all sizes and across various industries. The highlighted high-profile incidents serve as reminders of the extensive damage these breaches can cause, impacting the bottom line, of course, and also customer trust and the reputation of your brand.

Businesses must prioritize robust cybersecurity measures, continually assess and improve their security protocols, and ensure they are prepared for potential incidents.

As the digital landscape continues to evolve, the importance of staying ahead in terms of cybersecurity cannot be overstated.