It’s important that consumers and tech users understand how cybersecurity issues and compromised personal data records occur. One of the many avenues to data loss that advocates and experts have pinpointed is through data breaches.

The Identity Theft Resource Center first started tracking data breaches more than ten years ago, and each year the organization releases its annual data breach report. The report lists which businesses or entities were affected by a breach—whether intentional or accidental—as well as the number of consumer records that were compromised in the breach and what types of personal identifiable information may have been accessed. Understanding that report and the reach that those events have is important for determining how to educate consumers and policymakers about the threat from data breach incidents.

There are some critical factors that are present in any data breach. Was it an intentional attack, or accidental? If it was an inside job, was it the result of employee carelessness or did an employee steal the customer data? Can it be traced back to inadequate security protocols or a lack of workplace policy concerning appropriate computer use? Is it a new form of attack that even industry experts aren’t aware of? What were the hackers after, and how can they cause harm with the information they gleaned in the event?

Those are the questions that forensic tech investigators try to answer in any data breach. If it was accidental, they seek to uncover the circumstances that led to it, like an unsecured network without proper antivirus software in place or a lack of training that could have prevented the breach. If it was an intentional inside job attack, someone with access to sensitive data is to blame and investigators find out who had that access and why. In outside attacks, investigators not only want to uncover the method by which hackers infiltrated the network, but also learn from that method and spread the word so others don’t fall victim. Finally, investigators work to uncover any third-party connections, meaning one company may have been breached, which can then lead to a breach of other connected companies.

It’s very important for consumers and businesses alike to understand what the term data breach actually means, though, and what criteria must be met for it to be recorded. Regarding the rules of inclusion, the ITRC has given a considerable amount of thought to the development of the criteria used when assessing breaches and the integrity of its sources.  Each selected incident is required to have been reported to a state Attorney General’s office or published by a credible media source, such as TV, radio, press, etc.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services