Data Breaches vs Data Leaks: What You Need to Know
Blog / Data Breaches vs Data Leaks: What You Need to Know
5 MIN READ
Data breach and data leak are common terms that you will regularly come across. In both situations, someone has managed to gain unauthorised access to some data that should have been protected better. However, both terms vary slightly and this article will highlight the difference between the two as well as expand upon which situation will have worse effect on your organisation’s reputation.
What is a data breach?
A data breach is a term given to a situation that involves confidential information belonging to an organisation becoming exposed by a threat actor. This confidential information can encompass client data, company data, staff data, financial data and more. Typically, the motivation behind a data breach is to sell the sensitive data online among criminal networks where the data can be sold for large profits, especially if sold on the dark web.
Data breaches can be carried out using various methods such as social engineering. Sometimes when a data breach occurs, the breach remains undetected until later on. An example of this can be the breach of Marriott International which involved hackers planting themselves into the system in 2014 and remaining there until detection in 2018, leading to the data of up to 500 million guests becoming breached. This breach could have been earlier detected had the company practiced standard security procedures.
Causes of data breaches
Data breaches have severe consequences upon the affected organisation and their associated clients. Therefore, it is important to be aware of the causes, especially as many of the causes rely on human error and can be easily avoided.
Causes of data breaches include:
- Human error – For example, sending an email to the wrong person, loss or paperwork and devices and accidently disclosing confidential data.
- Physical theft or loss of device – This can be resulted from negligent practices of employees such as sharing passwords, losing their devices and accidently leaving paperwork on public transport.
- Phishing – Even if most users are aware that they should refrain from clicking on unknown links attached in emails or text messages, many still get tricked into clicking them.
- Stolen or weak credentials – Weak credentials such as predictable passwords take away even the slightest chance of keeping your data safe online from threat actors.
- Application vulnerabilities – If the application you use is not regularly patched, your data is more vulnerable to becoming exfiltrated by threat actors.
- Cyber-attacks – Cybercrimes such as ransomware, malware and other forms of viruses are significant threats to data security that are continuously evolving in terms of severity and deployment methods.
- Social engineering – Similar to phishing, this method revolves around human gullibility to gain unauthorised access to data.
Preventing data breaches
Implementing the following various tips will reduce the chance of your organisation becoming affected by a data breach:
- Compliance with the GDPR – Developing a company policy that will be in compliance with the GDPR will help keep your data safe and prevent legal troubles from arising.
- Developing and implementing policies regarding data security and equipment use – Detailing best practices, procedures and processes for handling data and safe practices of BYOD will prevent the likelihood of a successful breach from occurring.
- Automation – This will reduce human error, a big cause in data breaches.
- Provide cyber security awareness training to staff members – This will reduce negligence and improve staff awareness on how to detect suspicious online activity.
- Encrypt data – In the case that a threat actor manages to gain access to your data, encryption will prevent them from being able to use it.
- Provide access authorisation to certain employees – Only grant access to staff who need the data to be able to work.
- Monitor the access and the use of the data – Tracking data sent outside of your network and who sent it is an important practice.
- Perform regular patches to your system – This will detect and patch up any found vulnerabilities before cyber criminals can take advantage of them.
- Perform regular vulnerability assessments to your system – Identifying potential threats as soon as possible will help prevent larger threats from being successful and recovery costs and efforts will be reduced.
- Ensure that your data is regularly backed up – This will make repairing damage less time consuming and costly as you can still access your data to resume operation.
What is a data leak?
A data leak is of course, the leak of sensitive information due to system vulnerability or unintentional leakage. In the case of a data leak, this situation differs from data breaches, in that it cannot be confirmed if the exposed information has been seen by the public. Reasons for how data exposures occur can include users being permitted improper access to a site, flaws in security policies and even improper application development. The key aspects of a data leak are that it stems from either an internal source or an error in the process.
An example of a processing error is the case of Facebook-Cambridge Analytica, in which a whistle-blower shun light on the unethical practices of Banbridge Analytica. An excess amount of user data was being gathered and since no information was leaked to the public, this situation can be categorised as a data leak.
Causes of data leaks
Data leaks occur when protection measures are not properly enforced whilst transmitting data. Data not in use can also be leaked if appropriate measures are not in place.
The three main cases of data leaks are:
- Data in transit – If data is transmitted over the internet without proper API security, with missing port security or different port protocol, the risk of a data leak occurring becomes higher. This includes simple online browsing, email transfers and other forms of online communication.
- Data at rest – Data leaks can be caused by leaving data stored on unprotected devices and data bases. An example of this can be a file that can be accessed without a password.
- Data in use – Data leaks can also occur if missing data is present on portable storage devices that has been either forgotten about or lost.
Preventing data leaks
A proactive approach to cybersecurity is a key method for preventing data leaks from occurring. The approach should be layered to reduce the impact of a successful intrusion and prevent such occurrences in the first place.
Tips for preventing data leaks include:
- End-point protection – Data leaks frequently occur as a result of improper configuration and inefficient storage of sensitive data on endpoint devices.
- Network monitoring – Monitoring data being sent and received between your organisation and other organisations can help prevent data leaks from occurring as unusual or suspicious behaviour and incoming traffic can be detected.
- Secure storage – Improper data storage and leaving the data in plaintext format is a security risk. Data encryption and managing access to this data by adding authorisation measures will improve security.
- Policy for device usage – Unprotected devices increase the risk of data leakages. A policy to address good device usage should be established and distributed among staff.
- Third-party risk management – This is also known as vendor risk. Applying an appropriate third-party risk management will enable you to analyse the data and how much of it is being shared between the associated vendors.
- Compliance with the GDPR – By complying with the guidelines outlined in the GDPR on how to store and manage data, the risk of a data successful data leak will decrease.
What is worse?
What is worse? A data leak or a data breach? Improper security practices whether they are accidental or purposeful leading to data exposure or threat actors intruding upon your system and stealing sensitive data?
For the first situation, your anger is likely focused on the threat actors who have broken into your system whilst wishing your system has better protection measures in place. In the second situation, your anger is probably more focused on yourself for leaving your system unguarded.
For both situations, the headlines will be big. Organisations within all industries and of all sizes face challenges to ensure the protection of the confidentiality, integrity and availability of the gathered sensitive data. Therefore, it is important to be aware of the differentiating factors between data breaches and data leaks when handling a challenging situation or referencing events. Both instances can greatly impact the reputation of your company however, I would say that situation two is more damaging.
Previous ArticleThe 4 Basic Techniques For Safely Exporting Data
How secure is
How secure is