Skip to content Accessibility info

Allco Insurance Blog

All You Ever Wanted to Know About Insurance

What You Need to Know About Data Breaches

What Is a Data Breach?

A data breach is a security incident where personal and confidential information is stolen by another individual. The compromised info can include things like your name, birth date, street address, health care history, customer lists, Social Security number, and bank account information. If a company or organization discovers an unauthorized individual has viewed that information, they know they’ve had a data breach.

Data Breach vs. Data Leak

While a breach involves an outsider like a hacker breaking in and stealing information, a leak doesn’t start with a cyberattack—a company basically just leaves the door open by mistake so anyone can come in and take your info.

Just because a company has a data leak doesn’t mean someone accessed the information. But in the same way you’d need to cancel your debit card if you left it out in a parking lot for a day because you don’t know if someone saw it, when a data leak happens, there’s no way to know who—if anyone—saw your information either.

Recent Data Breaches 

Some data breaches seem more “minor” in nature because the information they gather feels less significant (like Facebook’s misuse of private data that impacted a potential 87 million users).

Sure, gaining access to information like names, email addresses, and passwords might not seem as harmful as someone having your Social Security number. But any data breach can leave you at risk of identity theft if the hackers want to use that information against you. 

Just reading the words data breach probably makes you think of one of the most infamous breaches in recent history. It’s hard to forget the far-reaching Equifax blunder that exposed Social Security numbers, birth dates, home addresses, tax ID numbers, and driver’s license information of potentially 148 million people.

The sad truth is a lot of the industries we trust to keep personal information safe are prone to being hacked.

*To find more recent breaches, visit the Privacy Rights Clearinghouse.

How Do Data Breaches Happen?

It seems like big-time security measures should be enough to keep cyber-attacks at bay, but no safety measure is surefire. Large-scale or minor data breaches can happen anytime a hacker or anyone who isn’t authorized gains access to sensitive files or information. And they happen a lot more often than you might think.

So, who or what is to blame for making these trusted companies vulnerable to data breaches? Anything as minor as a weak password can cause a breach. Like when you’ve used the same password pickles98 for the last 23 years across every single online account you have. Sometimes though, a website is missing a security patch, or a system glitch is at fault.

In the case of a leak, the company unknowingly triggers the leak of info. This type of incident is also known as an accidental data breach and can be caused by things like failure to follow password guidelines or public-facing web services. We’ve all been there. Whether it’s a new puppy or your personal info, “accidental leaks” are no fun to deal with.

What Is Targeted in Data Breaches?

When a hacker makes a cyberattack, they’re usually gunning for any sensitive data they can find—anything that can either be used to steal immediately (like payment information) or get them access to stuff that can be used to steal (like passwords).

Like mentioned before, sensitive data can include your name, birth date, street address, health care history, customer lists, Social Security number, and bank account information. Also included in there is your zip code, phone number, debit (or credit) card number, education records, or biometric data.

Hackers will also target a person or a company who has legitimate access to another company’s sensitive data for things like management or maintenance. This is called third-party access. You could have the cyber version of the Great Wall of China around your business, but if the little company contracted to do your marketing has one of those dog name/birthday passwords, you’ve got a big gaping hole in your wall.

How Do I Know if I’ve Been Affected by a Data Breach?

If a company experiences a data breach, they’re required by state law to let you know about it. It’s news no one wants to hear, but knowing allows you to become hyperalert and keep an eye on things moving forward.

Sometimes companies even offer compensation after people sue them. Equifax settled their agreement to make up for the way they handled their 2017 data breach. They handed out compensation for credit monitoring, loss of time and money, and even a partial reimbursement for any monitoring purchased with Equifax. If you find out your info is part of a data breach, stay tuned for any lawsuit settlements.

Regardless of what type of business you own or manage today, you need cyber liability insurance that can protect you and your patrons from a data breach. You probably have some type of online presence, but even if you operate entirely from a brick-and-mortar location, you need protection against hackers. Identity theft is rising, and cyber-crime that compromises your customer or patron base can cripple your organization if you don’t have the right protection in place.

Contact us today at 714-992-2390 or CLICK HERE to learn more.