Data Breaches Are Getting Worse: Know the Basics

The exposure of sensitive information can be disastrous for individuals, businesses, or governments. Yet data breaches aren’t going away. The first data breach compromised more than a million records in 2005. Since then, we’ve seen ongoing news of breaches. But there are some basic steps you can take to avoid falling victim to an attack.

Let’s look just at August 2022:

  • A breach at communications giant Twilio exposes 1900 users’ phone numbers and SMS verification codes.
  • Researchers discover at least 9000 virtual-network computing endpoints exposed online without a password.
  • CISCO confirms a ransomware gang has exfiltrated 2.8GB of data.
  • An American neurology practice notifies 363,833 individuals of a data breach.
  • 4 million Twitter users are thought to have been affected by a data breach at the social media firm.

In its annual Cost of a Data Breach study, IBM found the cost of a breach hit a record high this year, at nearly $4.4 million.

How does a data breach work?

A data breach involves any unauthorised access to confidential, sensitive, or protected information, and it can happen to anyone. Data breaches happen mainly when hackers can exploit user behaviour or technology vulnerabilities.

The threat surface continues to grow exponentially. We are increasingly reliant on digital tools such as smartphones and laptops. With the Internet of Things (IoT), we’re adding even more endpoints that unauthorised users can access.

Popular methods for executing malicious data breaches include:

  • Phishing – emails in which hackers persuade users to hand over access credentials or the data itself;
  • Brute-force attacks – hackers use software and sometimes even hijacked devices to guess password combinations until they get in;
  • Malware – infects the operating system, software, or hardware (often without the user knowing) and steals private data.
  • Disgruntled employees or political hacktivists can also be behind data breaches. However, more often than you would hope, the breach is due to human error.

Basic steps to avoid data breaches

  1. Too many data breaches trace back to people using weak access credentials. Yes, there are still people out there using “password” or “123456” to log in at work! Thus, an important step to counter data breaches is enforcing strict password policies.

  2. Multi-factor authentication can also help. This way, even if the employee uses a poor password, or their strong password is stolen, the hacker has to work to get access. They might need the user’s physical device to confirm a one-time-use code sent to verify identity.

  3. It’s also important to patch and upgrade software as soon as asked to do so. Manufacturers support security by keeping abreast of hacker attacks throughout the world. They’ll also watch for bugs and any vulnerabilities. Disregarding that message to upgrade or patch could leave your computers at risk.

  4. Encrypting all sensitive data can also cut the risks of a data breach. That way, if the bad guys do get inside your systems, they can’t do anything with the information they access.

  5. With more people working remotely, the number of users doing business on their own devices is also up, which represents another data breach risk. Enforce strict Bring Your Own Device (BYOD) policies to minimise exposure. You might require virtual private networks and professional-grade antivirus protection.

Don’t risk data breach damage

Data breaches cause business downtime and can cost your reputation and bottom line. You may lose customers and also have to pay legal fees or compliance fines. Don’t let this happen to you. A managed services provider can install protection and take precautions against data breaches.


Does your business need a Cybersecurity checkup?

Ultimately, every business needs to expect and prepare for a cybersecurity crisis. The above information helps you gauge risk and put plans in place to protect assets and recover sooner. However, if you’re not an expert and you need to focus on the running of your business, you might need some help as this can all feel a little overwhelming. There’s no need to worry!

Don’t stay in the dark about your IT security vulnerabilities. Schedule a cybersecurity audit to uncover vulnerabilities so they can be fortified to reduce your risk.

Looking to become more cyber-aware? ITM Tech provide a number of cybersecurity solutions and training services for businesses in Kildare and Dublin, including:

  • Business Continuity & Disaster Recovery
  • Email Filtering
  • Incident Response Plans
  • Phishing and cybersecurity Training

If you need a dedicated IT company, with a team of trained professionals who can manage your company’s cybersecurity, look no further than ITM Tech! Based in Naas, Co Kildare, ITM Tech supplies and implements reliable technical support for your entire IT environment.

We are dedicated to quickly and effectively resolving cybersecurity issues, leaving you to concentrate on running your business. Contact our experts today at 045 409984 or email us at support@itmtech.ie.

For more information about cybersecurity and what we can offer you, check out our last blog; Is Your Business Ready To Prevent, Detect And Respond To Cyber Attacks?