What is a data leak?

First, what is data leakage? In short, it’s a security incident where private information becomes available to unauthorized parties. People may steal, accidentally transfer, or willingly give it away. Leaked data can be digital (electronic files) or physical (documents, letters, pictures, devices). However, data leaks are not the same thing as data breaches.

Data breach vs. data leak: What's the difference?

While you might sometimes see these terms used interchangeably, conflating them isn’t wholly accurate. Both carry the same consequence – unauthorized data exposure. The difference lies in the cause.

Data leaks typically happen due to poor security measures or someone's accidental actions. In most cases, cyber leaks aren’t meant to be malicious, and human error is at fault. Security researchers from vpnMentor have been exploring open databases for years. One of their most significant findings was in 2020 – they discovered that the Key Ring app had used a misconfigured Amazon S3 bucket to store 44 million records, including people's IDs, insurance information, driver's licenses, and credit cards. Even if no malicious actors noticed it before them and the company took care to close the database, it still counts as a data leak.

On the other hand, data breaches are deliberate. A data breach occurs when a cybercriminal attacks a company or a database and manages to obtain secret and sensitive information. Common tactics used during data breaches include DDoS attacks, malware, and social engineering that can break the company's defenses. The outcomes of data breaches and leaks are similar, but leaks lack the malicious intent of breaches.

Types of data leaks

If you want to spot data leaks quickly, you need to recognize the different incidents and strategies that may be causing them.

• Human error

  An unintentional leak can be caused by something as trivial as sending a confidential email to the wrong address. Leaving a database with your customers' data publicly accessible or losing a device with access to the information are also considered accidental data leaks. However, the consequences depend on who got the email or found the loophole allowing them to access the database. Some might delete it while others might get sneaky ideas.

• Scams and system breaches

  Sometimes, people look for vulnerabilities in your security, like out-of-data software or system bugs, to prove that they exist. They will not attack you openly. Instead, they look for loopholes to access information that's not supposed to be accessible from the outside. Others might employ social engineering tactics to create the perfect environment for a data leak.

• Intentional data leak

  Although data leaks often aren’t malicious, they may still be deliberately instigated. A situation can result from an employee who accesses the company's secrets or users' records to resell for financial gain. It might also be a whistleblower who has moral objections to what they witness in their company and uses the leaked information for exposition. Either way, they know what they are doing and usually try to remain anonymous as they work from the inside.

What type of data is at risk?

Data leaks are a disaster for the victims and a golden opportunity for cybercrooks, who usually look for impacted sensitive information to make a sizable profit. They go after identifiable information such as names, addresses, social security numbers, and credit card details. Such data can then be used for identity theft and money laundering. Stolen login credentials are often packaged into password leak databases and sold on the dark web.

When bad actors look to hurt a specific business, the information they go after might expand beyond personally identifiable data. For instance, they may target sensitive company information like internal communications or strategic plans. Trade secrets and intellectual property, such as proprietary code and software, can also be on the radar.

Today, data is paramount. With the increasing frequency of cyberattacks, businesses have to take serious steps to ensure the ironclad security of their data.

How is the leaked data used?

Once hackers have their hands on leaked or stolen data, they can exploit it for their goals. Here are a few ways exposed data can be used for nefarious purposes.

Social engineering

Leaked data often includes identifiable information like names, passwords, and email addresses. Hackers can use that information in social engineering attacks. Phishing is an attack during which hackers send out fake emails that impersonate a reputable source to get the potential victim to download a malicious attachment or click on a dangerous link. Without password leaks, hackers would be less successful in targeting and carrying out their attacks.

Doxing

Doxing, or doxxing, is the act of exposing identifiable information, such as a person's name, home address, and phone number, with malicious intent. After acquiring leaked data, hackers usually have more information than they need to dox a person. Doxing is often targeted against a specific person or group of people and has historically been used in harassment campaigns.

Slowdown or disruption of business operations

A data leak can have a tremendously negative impact on the affected organization. According to the National Cyber Security Alliance, an astounding 60% of companies go out of business within six months after falling victim to a data leak.

Real-world examples of data leaks and breaches

Data leaks and breaches are more common than ever, and experts believe that the frequency of such cyber incidents will only rise in the future. Here are a few major incidents that had companies around the world on their toes – some carrying graver consequences than others:

• ChatGPT

  In March 2023, a bug was discovered in OpenAI’s chatbot ChatGPT, leading to the leak of customer data, including their names, chat titles, and limited credit card details. The team emphasized that full credit card numbers were not exposed, and the leaked data was limited to the last four digits of the credit card numbers, as well as the expiration dates. The platform was temporarily taken offline to fix the bug.

• Credit Suisse

  In February 2022, a whistleblower initiated a data leak to expose a number of high-profile criminals who were employing the services of the Swiss bank Credit Suisse. The scope of the leak affected over 18,000 accounts. The exposed data was shared with the German newspaper Süddeutsche Zeitung, which published an exposé on the Swiss banking system.

• Twitch

  In October 2021, the live-streaming platform Twitch revealed it had experienced a massive data breach. The breach exposed over 100 GB of sensitive data, including the streamers’ names, addresses, email addresses, and earnings.

• Facebook

  On April 3, 2021, a security expert discovered a massive data leak that affected 533 million Facebook users. Overall, the leak produced 2,837,793,637 data points. On average, hackers exposed at least five types of data per user, including phone numbers, full names, dates of birth, Facebook IDs, email addresses, and user bios.

• Experian

  In February 2021, reports came out about the most significant data breach in Brazil's history, which exposed the sensitive information of more than 200 million people and 40 million companies. The culprit was suspected to be Serasa Experian, a company providing information and data services. The exposed data included personally identifiable information like dates of birth, full names, addresses, headshots, credit scores, income, and other financial data.

How to prevent data leaks and breaches

To minimize the risk of a data leak, you must establish security practices and procedures in your company. Remember that you can’t always control every single thing security-wise. You can never know if or when you might become a target. However, taking a few preventive measures will give you peace of mind.

• Control your data

  You should always keep backups of your data – that said, don't store unnecessary copies. Keeping your sensitive information in one secure database instead of multiple terminals will reduce the chances of it leaking. Knowing and controlling who has access to what information is also essential. Employees should only be allowed to access the data they need for their work. This way, you can avoid accidents and intentional leaks.

• Place restrictions on your employees’ emails

  You can set up Google Drive to notify your employees whenever they attempt to share the company's files with an outside party. Also, set up spam and phishing filters to cut the risk of successful social engineering attacks.

• Train your employees

  A basic understanding of potential cybersecurity risks is essential for everyone in your company, especially those handling sensitive data. Receptionists and head analysts alike should be aware of social engineering attacks, malware types, and internal security requirements. If they know and understand how much damage a data leak would do to the company, they will act more carefully.

• Establish strong security measures in your company

  Use firewalls to protect your network and restrict specific traffic. Ensure you're safe from malware, like ransomware, spyware, or keyloggers. Use a VPN with robust encryption to ensure secure connections, especially if your employees often travel or work from home. Ensure they use strong passwords and enable two-factor authentication for their most sensitive accounts. Encourage using a password generator to create complex passwords, storing them safely in an encrypted vault and updating them frequently to avoid password leaks.

• Prepare for the worst

  No one wants to go through the worst-case scenario, but accidents can happen. Therefore, it's a good idea to set up a response and damage control plan in case of a data leak. If you suffer a cyberattack, every minute is precious, and being able to act fast could save you a lot of money – and customers’ trust – in the long run.

• Establish proper cloud storage security

  Ensuring the security of data stored in the cloud is imperative. Without appropriate security measures, sensitive information can be exposed and stolen. Take your time configuring your cloud storage following the best security practices, and if necessary, adopt additional tools to protect your cloud storage.

• Evaluate and monitor third-party risks

  Even if you can ensure complete security within your organization, remember that your data can be exposed via third parties such as your partners and vendors. Supply chain attacks are on the rise, and businesses need to evaluate their partnerships with third parties security-wise to minimize the risk of falling victim to data leaks.

Data leak prevention practices

First, find out what kind of data was leaked. Account names, email addresses, and passwords often end up in data leaks. If your account was affected, change the password as soon as possible. If you use the same password anywhere else, you must change it over there, too. If you don't, you will be susceptible to a credential-stuffing attack, and all your online accounts will be at risk. If your credit card or banking details were affected, contact your bank immediately and block your cards.

If your business experiences a data leak, swift action is vital. Make sure to contain the leak as soon as you discover it. Immediately start a detailed probe into what exactly happened and why. Inform your customer base about the leak. Disclose all the relevant information: the date and type of the leak, as well as the affected systems and users. Finally, upgrade your organization's security infrastructure to lower the risk of future cyber incidents.

Bottom line

Data leaks are an ever-growing threat in the digital landscape, and staying ahead is as important as ever. If you’re concerned about the safety of your professional and personal data, you can start taking steps to protect it. The first order of business is setting up your business password manager.

NordPass is a password manager that offers encrypted storage for all your sensitive data, whether that’s your login credentials, address, credit card details, or ID information. In addition to your secure vault, you’ll also access features that help reinforce your data safety, like Password Health, which checks whether your passwords are weak or reused, and the Data Breach Monitor, which alerts you if you’re affected by a password data leak. Stay one step ahead of data leaks and start patching the holes in the ship before your information seeps into the wrong hands.