Data breaches are one of the worst things that can happen to a company, especially when that company deals in sensitive information. No matter whether credit cards or patient information are breached, the cost to the company is real and comes in the form of lost trust and money. Protecting databases from determined hackers should be a primary priority of business. Discover why data breaches are costly, and learn what your company can do to protect itself.
There are two ways for a hacker to get into a database: social engineering and brute force hacking. The cloud is especially susceptible to the latter, especially if the cloud provider doesn’t offer a service that monitors login attempts. People don’t always choose particularly secure passwords, leaving easy opportunities for a criminal hacker to get into their accounts using any of a variety of attacks. In the most common attack, known as a dictionary attack, a hacker uses a script to enter words from the dictionary into the login screen in an attempt to gain unauthorized entry.
In social engineering, by contrast, the hacker calls, or hires a group of people to call, customer service, asking seemingly benign questions or providing plausible explanations for having lost a password. If the company does not have multiple security questions in place, social engineering can very easily succeed. The hacker gets the password and access to the account, and the owner is victimized without realizing it until it’s too late.
It’s estimated that the cost of losing an individual account to a data breach can run from a few dollars into the hundreds of dollars. In the event that a small database is lost, a company can weather the losses, take care of the customers, and move on. But when it’s a large database that contains thousands of users, the losses add up very quickly. Multiply a few dollars by hundreds of thousands of users, and data breaches become very costly.
In the meantime, the hacker gets anywhere from fifty cents to a few dollars per valid account uncovered. It may not seem like much, but multiply that by thousands of accounts, and the hacker gets a nice payday for his or her efforts.
Companies ignore data breaches at their peril. Though such breaches may be seen as a cost of doing business, they can be very damaging to a business’s overall image. Customers who have sustained losses are not always willing to give a company a second chance, especially when another service is offering the same product while providing stronger security measures.
Many companies store data in the cloud, removing the storage of that information from the physical business. Businesses that do so should carefully examine their cloud service provider’s security measures to find out how well they can stand up against an attack by a determined hacker.