Why should we care about a data breach?

Data breach is an incident where cyber criminals successfully break into a business network and steal consumer and business data, which is then exploited in multiple ways to fuel criminal activities.

Although we don't often hear about the incidents of data breach in the news, they are on a steady increase. It is reported that the number of data breaches in 2020 is almost double the number in 2019. By July 2020, 16 billion records were exposed, with the first quarter of the year (Q1 2020) itself accounting for 8.4 billion records. This is a whopping 273% rise compared with the first half (H1) of 2019.

End customer is the ultimate victim

Data breaches allow cyber criminals to supplement their existing databases of personally identifiable consumer information. Since data is the lifeblood of any digital business today, its abuse can cause financial and reputational damages to a business. However, the ultimate loser are the consumers, who may suffer an irreparable blow to their digital lives.

It will, therefore, be wrong to believe that a data breach can only affect a business and not the end consumers. The data that the businesses possess is ultimately that of the consumers and when this data is abused, it can obliterate digital interaction for affected people. One of the most attractive ways cyber criminals abuse the data harvested from these data breaches is by selling it on the dark web. This fetches the cyber criminals easy money, but exposes the compromised users to serious and life-altering threats.

The aftermath of a data breach

When a social media platform—that you have a profile on—suffers a data breach and your personal details are among the data stolen, you become vulnerable to many types of threats. Cyber criminals can use your account to request for money from your network. They can post details of non-existent, expensive items purportedly on sale for a limited period and dupe people into paying for them, without ever receiving them. Your account can be used for phishing campaigns to lure people into sharing their personal details. It can also be used to send out spam emails laced with malware or ransomware. In worst cases, your account can be abused for drug- or human-trafficking.

If you use the same username-password combination to access various online services, all your accounts can be similarly exploited. Cyber criminals can stitch together pieces of information with your stolen personal details to break into your bank account and drain the funds contained therein. Once your account is compromised, it can be exploited in a number of ways. For instance, the saved credit card details can be used for card not present fraud or the loyalty points can be redeemed for expensive items that can be sold later at a higher price. They can use this compromised account to open new lines of credit that will leave you repaying the loan, which you never sought. Your account may even be used as a conduit for money laundering and leave you facing the legal consequences when the crime is unearthed.

Perhaps the biggest damage that a data breach can inflict on end consumers is the compromise of their digital identities. Businesses use digital identities to distinguish between good users and those with malicious intent. If your digital identity is compromised, you are no longer a trusted user. Businesses will treat you with suspicion and your digital transactions may be denied. This can obliterate your digital life and you may have to spend time, effort and resources to establish your true identity all over again.

Unwanted consequences

A data breach is, therefore, accompanied by several unwanted consequences for the consumers—including suspensions of accounts and identity theft—as well as the stress of enacting credit freezes, frequently changing passwords, and constant efforts to restore identity.

The article has been written by Neetu Katyal, Content and Marketing Consultant

She can be reached on LinkedIn.