Privacy

What is a security breach?

Think of a security breach as a break-in. If someone smashes a window and climbs into your home, that’s a security breach. If the intruder snatches your documents and personal information and climbs back out the window, that’s a data breach — but more on that later.

Security breaches happen a lot — not at your house necessarily, but in large and small organizations. A security breach can damage an organization’s reputation and finances. If your data happens to get swept up in the process, it can affect you, too.

Security breaches and data breaches can occur on a massive scale. Think back to the Equifax data breach in 2017 when hackers accessed the personal information of more than 145 million Americans. Or the Yahoo data breaches — first reported in 2016 — that exposed 3 billion user accounts.

What’s a security breach by definition? A security breach occurs when an intruder gains unauthorized access to an organization’s protected systems and data. Cybercriminals or malicious applications bypass security mechanisms to reach restricted areas. A security breach is an early-stage violation that can lead to things like system damage and data loss.

What are the types of security breaches?

Attackers can initiate different types of security breaches. Here are three big ones.

Viruses, spyware, and other malware

Cybercriminals often use malicious software to break in to protected networks. Viruses, spyware, and other types of malware often arrive by email or from downloads from the internet.

For instance, you might receive an email with an attached text, image, or audio file. Opening that attachment could infect your computer. Or you might download an infected program from the internet. In that case, your computer would become infected when you open or run the malicious program. If it’s a virus, it could spread to other computers on your network.

Impersonation of an organization

Cybercriminals sometimes can create a gap in security by sending a bogus, but convincing email to an employee of an organization. The email is made to appear like it’s from an executive with an urgent request for, say, employment records, log-in information, or other sensitive data. Eager to fill the request, the employee may email back the information — putting it in the hands of cybercriminals.

This tactic is known as phishing — or spearfishing, if the email is highly targeted to a specific person.

The attacks often target the financial industry, with the goal of accessing financial accounts. Or a phishing email may target you, as an account holder. You might receive an urgent email saying, there’s been an attempt to access your bank account, so click on this link and log-in now. But the link is fake, and your log-in information goes straight to fraudsters.

Denial of service (DDoS) attacks

A denial-of-service attack is capable of crashing websites. Hackers can make a website — or a computer — unavailable by flooding it with traffic. DDoS attacks are considered security breaches because they can overwhelm an organization’s security devices and its ability to do business. DDoS attacks often target government or financial websites. The motive can be activism, revenge, or extortion. During an attack, anyone who has legitimate business with an organization — like you — will be unable to access the website.

But these three examples are just a start. There are other types of security breaches. Cybercriminals can also exploit software bugs or upload encryption software onto a network to initiate ransomware attacks — in essence, demanding a ransom in exchange for the encryption key. Or intrusions may occur inside an organization, with employees seeking to access or steal information for financial gain.

Security breach or data breach?

The terms security breach and data breach are sometimes used interchangeably, but they’re two different things. It’s usually a question of order. A security breach happens first. A data breach may follow. One exception: A company may negligently expose data. That’s considered a data breach.

A security breach occurs when an unauthorized party bypasses security measures to reach protected areas of a system. A security breach can put the intruder within reach of valuable information — company accounts, intellectual property, the personal information of customers that might include names, addresses, Social Security numbers, and credit card information.

If a cybercriminal steals confidential information, a data breach has occurred. Personally identifiable information is often sold on the dark web and can be used to commit crimes such as identity theft.

Yahoo security breach

The Yahoo security breach began with a spear-phishing email sent in early 2014. A Yahoo company employee clicked on a link, giving hackers access to the company’s network. Three Yahoo breaches in total gave cybercriminals access to 3 billion user accounts. Yahoo announced the first breach in 2016.

Exposed user account information included names, birth dates, phone numbers, security questions, and passwords that were weakly encrypted. Keep in mind, some people use the same password — a dangerous practice — on multiple accounts. This could give cybercriminals access to other accounts. Some stolen information reportedly has been sold on the dark web.

Equifax security breach

The data breach at Equifax, one of the nation’s largest credit reporting companies, exposed the personal information of more than 145 million Americans.

Cybercriminals exploited a website application vulnerability. Unauthorized access to data occurred from between May and July 2017. Equifax announced the cybersecurity incident on September 7, 2017.

Hackers accessed personally identifiable information that included names, Social Security numbers, birth dates, addresses, and, in some cases, driver’s license numbers.
The breach arguably increased the risk of identity theft for millions of Americans.

Facebook security breach

Facebook, in September 2018, announced an attack on its computer network. The personal information of nearly 29 million users was exposed. Cybercriminals exploited three software flaws in Facebook’s system.

Hackers were able to break into user accounts that included those of Facebook CEO Mark Zuckerberg and Chief Operating Officer Sheryl Sandberg.

How to help protect yourself from a security breach

Your personal information is in a lot of places, including with government agencies, healthcare providers, financial institutions, and stores.

There’s not much you can do to prevent a security breach at any of those places. But you can do some things to help protect yourself before and after a breach occurs. Here are some examples.

  • Create strong, secure passwords. That means using uppercase and lowercase letters, as well as non-sequential numbers and special characters.
  • Use different passwords on different accounts. If one account is compromised, cybercriminals won’t be able to easily access your other accounts.
  • Use secure websites. Look for “https” in the web address. It indicates a secure, encrypted connection.
  • Protect Social Security number. Provide your SSN only when it’s absolutely required. Ask about providing a different form of identification.
  • Install updates. Always update your computers and mobile devices with the latest versions of operating systems and applications. Updates sometimes contain patches for security vulnerabilities.
  • Stay informed. If you do business with a company that’s had a data breach, find out what information was taken and how it could affect you. Companies sometimes set up a website to keep consumers informed.
  • Be watchful. Monitor online and monthly financial account statements to make sure the transactions are legitimate.
  • Sign up for credit reports. Regularly check your credit reports to make sure an imposter hasn’t opened credit cards, loans, or other accounts in your name.
  • Consider credit services. Credit freezes, credit monitoring, and identity theft protection services can help you keep track of your information.

3 steps to help defend yourself

Helping to defend yourself against a security breach boils down to taking three steps — one before, one during, and one after a breach occurs.

  1. Plan ahead. Your personal information has value. Help protect it by sharing as little as possible. Guard key identifiers like your Social Security Number. Consider the tradeoffs of providing your personal data to organizations, computer app makers, and social media platforms. Read privacy policies and seek assurances that your data will be protected.
  2. Be proactive. When a security breach happens, it’s important to know what personal data was exposed and what you should do to help protect yourself. This might include changing passwords on your accounts, freezing your credit reports, and considering an identity theft protection service to help manage any fallout. 
  3. Follow up. Here’s the thing: If your personal information is stolen, you could face the consequences in the short or long term. You might detect suspicious charges on a credit account soon afterward. That might be easy to spot and take care of. But often stolen information doesn’t appear for sale on the dark web until months or years after a data breach. Regularly checking your credit reports or enlisting the help of an identity theft protection service can help spot some problems as they arise.

Your personal information lives in a lot of places — not just in your home. It’s smart to know what to do when a cyberthief “breaks a window” and steals it away.

Victim of a data breach? LifeLock monitors for identity theft and threats.

Norton joined forces with LifeLock, we offer a comprehensive digital safety solution that helps protect your devices, connections and identity.


Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.