What Is a Data Breach?

Quick Answer

A data breach is the theft of personal information, such as Social Security numbers, credit card numbers and passwords, from an organization’s digital records. Criminals may use stolen data to impersonate you and seek credit in your name.

What Is a Data Breach? article image.

A data breach occurs when criminals steal personal information by breaking into an organization's electronic records. In the first nine months of 2023, the Identity Theft Resource Center (ITRC) documented 2,116 breaches worldwide, 14% more than the previous record of 1,862 incidents logged in 2021. Data breach incidents have affected 233,935,731 individuals in 2023.

If you're affected by a data breach, it's important to act quickly to contain the damage.

What Is a Data Breach?

A data breach is the illegal infiltration of a company's or organization's computer records for the purpose of stealing personal data. The nature of the stolen data can depend on the type of organization targeted, but victims may include customers, account holders, group members and employees.
No matter what type of organization is targeted, or the nature of the information that's compromised, if your data is compromised in a data breach, your risk of falling victim to identity theft and other types of fraud increases. Criminals who steal information via data breaches may use it to open bank accounts in your name, make unauthorized purchases on your credit cards, apply for credit or loans in your name or seek your tax refunds or government benefits. They also may offer your personal information for sale to other criminals, often via hidden websites on what's known as the dark web.

What Information Is Targeted in Data Breaches?

When an organization's records are breached, criminals typically take whatever information they can get, including the following:

  • Social Security numbers
  • Financial account numbers
  • Credit card numbers
  • Home addresses
  • Dates of birth
  • Usernames and passwords
  • Driver's license numbers
  • Passport numbers
  • Immigration status
  • Medical information

Security Breach vs. Data Breach

Discussions of cybercrime sometimes refer to data breaches and security breaches interchangeably. While interrelated, they are not exactly the same. A data breach, as we've seen, is theft of information obtained by defeating automated data security measures. A security breach occurs when criminals break into an automated system, whether they steal anything or not. Every data breach is also a security breach, but some security breaches are not data breaches.

In the physical world, a data breach is analogous to burglary where items are stolen, while a security breach is analogous to someone kicking in your front door.

How Do Data Breaches Happen?

Data breaches always require defeating one or more security measures, including but not limited to:

  • Network defenses such as firewalls and anti-malware software
  • Measures to prevent unauthorized use of individual devices, such as usernames, passwords and biometric tools such as fingerprint or face recognition
  • Physical protection of hardware, such as servers, computers or phones, which can be stolen and attacked with mechanical tools

The methods criminals use to pierce organizational security measures often involve tricking the users of a system—employees or end users, into giving up information needed to gain access. Methods for doing so take a variety of forms, including:

  • Human error: Mistakes by employees, such as improper configuration and use of security systems, can leave organizations vulnerable to attack.
  • Phishing: This is when a fraudster tries to get someone to divulge sensitive information. It's usually through an unsolicited email or text where they pose as a company and request that you share personal information.
  • Business email compromise: This form of phishing has been gaining traction because of its effectiveness. It works like this: A scammer infiltrates an organization's email system and, impersonating a manager or client, requests access to critical data that is then stolen. Communications that appear to come from trusted individuals inside company security structures can be especially hard to detect.
  • Ransomware: In ransomware scams, cyber criminals block all authorized access to a computer system until a hefty ransom is paid. This doesn't always entail duplication or removal of sensitive data from the system, but it can jeopardize medical records, financial information and other critical data.
  • Malware: Viruses and other malicious software can be used to attack and seek out customer and employee data within targeted organizations. These can gain entry as email or text attachments, on contaminated thumb drives or other storage devices, or by masquerading as legitimate software downloads.

The Experian 2023 Data Breach Industry Forecast, a resource for data security professionals, notes that criminals are harnessing artificial intelligence (AI) in their efforts to fool human users, including those trained to spot security risks and to confound automated data security measures.

How Do Data Breaches Impact You?

If your personal data is exposed in a data breach and exploited by criminals, you could become a victim of identity theft or other credit fraud, including bogus credit transactions or accounts created in your name, hijacking of government benefits intended for you and takeovers of your existing bank accounts.

Financial consequences of identity theft can be devastating. In 2022, the Identity Theft Resource Center received more than 14,800 reports of identity theft from all sources, including data breaches. About 1 in 3 victims reported financial losses of $10,000 or more, including some with losses that exceeded $100,000. Among victims who reported ID theft, 65% said their issues were still unresolved months after discovering the misuse.

How to Avoid Being a Victim of a Data Breach

While you can't do much about safeguarding data at the companies and agencies that store your personal information, the following steps can help you protect yourself and your information.

  • Protect your login information. Use strong passwords (and consider a password manager that generates random passwords for you), change those passwords often and activate multifactor authentication on smartphone apps and websites where sensitive information is kept.
  • Guard your credentials. Keep account numbers and passwords to yourself and be wary if a person or business asks for your Social Security number, bank account number or other personal credentials "for verification purposes" or any other reason. Unless you can be absolutely sure they are who they say they are, end the conversation or online session and call the organization in question yourself, using a public address or phone number you look up yourself.
  • Watch for signs of fraud. Check your credit report regularly for accounts or new credit applications you don't recognize.
  • Get rid of old paperwork. Shred and discard old documents containing your Social Security number and account numbers.
  • Purge your digital devices. Clear data on old phones, tablets and PCs before donating or selling them. Special software can help you make sure this data can't later be recovered.
  • Protect workplace data. A data breach at your workplace can affect your personal information and those of your customers and co-workers. Follow your employer's security protocols to keep important data safe and report the loss or theft of work-issued laptops, phones or tablets promptly.

What to Do After a Data Breach

It's not uncommon for data breaches to go undetected for some time after they occur, so by the time you're notified that your data has been exposed, criminals may already have begun exploiting it. It's important to act quickly if you believe your personal information has been compromised. Here are some steps to take if you're concerned:

  1. Keep watch. If you hear that an organization you work with has experienced a data breach, keep an eye out for notification whether your information was involved. (Breaches don't necessarily affect all of a victim organization's customers, members, employees or other related individuals.) You'll be notified if you're affected, and you may also be able to visit a website set up to let you check whether your data was exposed.
  2. Shore up personal data safeguards. Change account passwords, activate multifactor authentication on accounts you haven't already protected via that method.
  3. Place a fraud alert and consider freezing your credit. You have the right to request a fraud alert or credit freeze on your credit report for extra protection. A fraud alert notifies recipients of credit applications filed in your name that they should verify your identity before processing the application. A credit freeze hides your credit report from most creditors and makes processing new-credit applications impossible.
  4. Monitor your credit and financial accounts. Carefully review your bank and credit card statements and your Social Security account, back to the date the breach is believed to have occurred. Look for transactions or activity you don't recognize and report any to the relevant institution and law enforcement as appropriate. You should also check your credit reports at all three national credit bureaus (Experian, TransUnion and Equifax) for signs of suspicious activity. You have the right to dispute information on your credit report, including that which you believe to be the result of identity theft.
  5. Find and remove information that's already exposed. A privacy scan can help you locate information that might be exposed in public databases. If any turns up, you can ask to have it removed. A dark web search can make you aware of account numbers, passwords and other information that may be circulating on illicit hidden websites. You can't easily get them removed, but you can change affected passwords and account numbers.
  6. Notify the authorities as appropriate. If you've been victimized, report credit or identity fraud to the Federal Trade Commission, the FBI and local law enforcement agencies.

The Bottom Line

Data breaches are an unfortunate side effect of our reliance on digital technology. While you may not be able to do much to stop cyberattacks aimed at data theft, you can and should remain watchful. Respond quickly to any alert you receive that your data has been compromised, change passwords regularly and check your account statements and credit reports regularly for signs of suspicious activity. Consider using Experian's identity theft protection service to alert you of potential fraud. Stay vigilant.