A wide range of information is lost in a data breach, starting from more innocuous things like an email address to more dangerous items such as financial details. In a recent survey, 20% of the people interviewed had their financial data leaked in a data breach.
We think of data breaches as cyber incidents affecting people's email or passwords, but the truth is much more complex. Data breaches can affect all kinds of personal identifiable information, including credit card numbers, CVV codes, Social Security numbers, street addresses, and pretty much everything else.
A data loss survey by Security.org of more than 900 people, including 299 who lost data in various breaches, identified the type of information exposed to hackers. Much of it ends up on the black market.
As expected, the majority of leaked information covers email addresses, full names and passwords. But these have intrinsic value as they can be used to unlock the path to more sensitive data such as financial and banking information.
"Nearly 1 in 5 people had their financial information leaked in a data breach, including their credit card information (almost 14%), debit card information (around 12%), and bank account or routing number (6%)," says the survey. "While 42% of victims learned their information had been leaked directly from the breached company, even more (43%) learned of the breach from media reports."
Equally interesting about the survey is how victims learn about data breaches. Surprisingly, 43.3% of people found about security incidents from the media, and 42.3% from the company that suffered the breach. People also learn about them from friends, from the bank, and from the Internal Revenue Service (IRS), but something is missing.
The survey covered only 2018, which means users had few avenues to find out about data breaches. Now, online services allow people to track their digital footprint so that they are immediately notified when their data shows up in a data breach or is being misused.