Breach
A breach or security breach is a computer security term that describes a situation where an attacker gains access to a restricted area on a computer or network. Once the intruder gains access to a system, they may steal confidential data or install malware. While many security breaches are detected by software, many go undetected.
A data breach describes an intentional or unintentional release of private information. In the case of an intentional data breach, an attacker infiltrates a network, finds private information, and releases that data or holds it hostage for a ransom. With an unintentional data breach, a company may incorrectly set access rights and allow everyone to see information they should not.
How can a breach happen?
A breach may occur for any of the following reasons:
- A hacker gained access through a vulnerability.
- Malware is sent to an employee and unintentionally installed on a computer or server, thus granting access to a hacker by stealing login credentials or creating a backdoor.
- A laptop, smartphone, or other hardware with system access is lost or stolen.
- An employee or other company insider with access to a system.
- Human error.
In some situations, it may not be possible to determine exactly where the breach occurred.
How to determine if you've been compromised?
Use the website have i been pwned? to look up your e-mail address in a database of over 12.6 billion accounts that were part of a data breach.
What should I do if my account is part of a breach?
If you have an account with a company whose had a data breach, you'll receive an e-mail from them. In the e-mail, the company may disclose the information that was compromised, the actions they have taken, and steps to help protect yourself. If usernames and passwords were compromised, the company may reset your account and require you to log in with a new password. If you use the same password with multiple accounts, we recommend you change the other account passwords. The following link can provides further information and suggestions on what to do with a compromised account.
After a breach has occurred, you may encounter phishing attempts to steal additional information. If you get any suspicious e-mails, be cautious about clicking any links in them and do not open any attachments.
Examples of data breaches
As more businesses have made their databases accessible to the Internet, data breaches are becoming increasingly common. Below are a few examples of some large data breaches that have happened.
- Security researchers in January 2024 announced the discovery of the MOAB (Mother Of All Breaches) that contained 26 billion records or 13 terabytes of data. The breach contains the largest amount of users data ever discovered and contains the e-mails, usernames, full names, and other account details on over 15 million Trello users.
- The Clearview AI (Artificial Intelligence) data breach in 2020 that had 3 billion images of people it copied from the Internet stolen.
- Yahoo announced in 2016 a data breach that had been happening for years, affecting more than 3 billion user accounts.
- In May 2019, it was discovered that 885 million First American users' account details were posted online.
- In April 2019, Facebook had more than 540 million user records exposed.
- The Equifax data breach in 2017 that affected more than 145 million Americans.
See each of the years in our computer history section to see some breaches that happened that year.
Access, Business terms, Compromise, Computer crime, Computer security, Hacker, PII, Privacy, Security, Security terms