Skip to content

Term of the Week: Data Leak

What is it?

A loss of information from your systems that could harm your business or customers.

Why is it important?

Data leakage is important to cybersecurity and business professionals because of the negative impact to finances and reputation that losing critical information can have on an organization. Data ownership spans a business at every level of leadership, and protecting data is a business responsibility that must be reflected in every organization’s goals.

Why does a business professional need to know this?

Understanding data leakage means knowing what data is important, where sensitive data resides, and what could cause data to improperly leak outside your organization. It is also important to understand that a leak can be intentional or unintentional, and the impact of a leak can be rated as low or high.

Understanding data leakage enables you to work with cybersecurity specialists to develop controls to protect sensitive information and reduce this risk to your business. The potential impact of data leakage is not limited to just your systems or one specific information medium. Recent examples, such as the Equifax breach(O’Brien 2017), highlight the potential for serious consequences, including legal actions, loss of jobs, and damage to business reputation.

Other examples of significant data leaks include the following:

  • Personal details for more than 198 million US voters were left on a publicly accessible server by a company working for the Republican National Committee(RNC)(O’Sullivan 2017).
  • Personal information, including billing addresses and details of financial transactions, for 4 million Time Warner Cable subscribers was left on an Amazon cloud server with no password(Fingas 2017).
  • A spreadsheet containing private notes about more than 30,000 customers at a restaurant frequented by celebrities was accidentally attached to a broadly distributed email message(Morabito 2017).
  • An Iranian hacker stole 1.5 terabytes of data from HBO, including scripts, unaired episodes of several HBO programs, and technical data about HBO’s network, including passwords(Moneywatch 2017)(Barrett 2017).
  • A Verizon vendor accidentally left information about 6 million Verizon subscribers on a cloud server for more than a week(Schiffer 2017).

These examples, which are just the most notable of many that have occurred over the last few years, make it clear that data leaks can cause serious damage to an organization’s reputation and bottom line.

References

About Dennis Leber

Photo of Dennis Leber

Dennis Leber is an information security executive with over 10 years experience in IS/IT management and over 20 years of management experience across various industries. Currently, Dennis serves as the chief information security officer (CISO) at the Cabinet for Health and Family Services for the commonwealth of Kentucky, where he works to protect over 400 in-house applications and associated data. Dennis has also worked in the automotive industry, healthcare, federal government, and military to protect data and the systems that house them.  

Term: Data Leak

Email: mostinterestingmaninis@gmail.com

Website: mostinterestingmaninis.com

Twitter: @dennisleber

LinkedIn: linkedin.com/in/dennisleber

Leave a Reply