What is it?
A loss of information from your systems that could harm your business or customers.
Why is it important?
Data leakage is important to cybersecurity and business professionals because of the negative impact to finances and reputation that losing critical information can have on an organization. Data ownership spans a business at every level of leadership, and protecting data is a business responsibility that must be reflected in every organization’s goals.
Why does a business professional need to know this?
Understanding data leakage means knowing what data is important, where sensitive data resides, and what could cause data to improperly leak outside your organization. It is also important to understand that a leak can be intentional or unintentional, and the impact of a leak can be rated as low or high.
Understanding data leakage enables you to work with cybersecurity specialists to develop controls to protect sensitive information and reduce this risk to your business. The potential impact of data leakage is not limited to just your systems or one specific information medium. Recent examples, such as the Equifax breach(O’Brien 2017), highlight the potential for serious consequences, including legal actions, loss of jobs, and damage to business reputation.
Other examples of significant data leaks include the following:
- Personal details for more than 198 million US voters were left on a publicly accessible server by a company working for the Republican National Committee(RNC)(O’Sullivan 2017).
- Personal information, including billing addresses and details of financial transactions, for 4 million Time Warner Cable subscribers was left on an Amazon cloud server with no password(Fingas 2017).
- A spreadsheet containing private notes about more than 30,000 customers at a restaurant frequented by celebrities was accidentally attached to a broadly distributed email message(Morabito 2017).
- An Iranian hacker stole 1.5 terabytes of data from HBO, including scripts, unaired episodes of several HBO programs, and technical data about HBO’s network, including passwords(Moneywatch 2017)(Barrett 2017).
- A Verizon vendor accidentally left information about 6 million Verizon subscribers on a cloud server for more than a week(Schiffer 2017).
These examples, which are just the most notable of many that have occurred over the last few years, make it clear that data leaks can cause serious damage to an organization’s reputation and bottom line.
- (O’Brien 2017) Giant Equifax data breach: 143 million people could be affected: O’Brien, Sara Ashley (2017). CNN Tech.
- (O’Sullivan 2017) The RNC Files: Inside the Largest US Voter Data Leak: O’Sullivan, Dan (2017). Upguard. Describes the leak of personal information about 198 million US voters.
- (Fingas 2017) Data leak exposed millions of Time Warner Cable customers: Fingas, Jon (2017). Engadget.
- (Morabito 2017) Mystery Restaurant Accidentally Leaks Hilarious Notes About Its Guests : Morabito, Greg (2017). Eater.com. Updated 5/16/2019.
- (Moneywatch 2017) HBO faces hacker threat: pay up, or suffer bigger data leak: CBS Moneywatch (2017). CBS/AP.
- (Barrett 2017) Breaking Down HBO’s Brutal Month of Hacks: Barrett, Brian (2017). Wired.
- (Schiffer 2017) Why it took more than a week to resolve the huge Verizon data leak: Schiffer, Alex (2017). Washington Post.