A data breach involves unauthorised access to, or disclosure of, sensitive, confidential or otherwise protected data. This may be personal information (for example about health or financial accounts), trade secrets or intellectual property.
Data theft is the stealing of digital information from an individual or an organisation, with the intention of compromising privacy or obtaining confidential information. See more reasons behind cyber attacks.
Impact of data breach or theft
The exact impact of data breaches or theft may vary depending on the organisation. However, common consequences you will need to consider are:
- financial loss
- reputation damage
- operational disruption
- monetary penalties (if you fail to comply with data protection laws)
See more on the impact of cyber attack on your business.
Risks to your data can come from:
- unauthorised access to your IT systems and networks
- theft of property or equipment from your premises
- transporting data outside your premises on insecure devices (eg unencrypted laptops or USB sticks)
- failure to follow data protection processes and principles, with or without intent
How to prevent data breach
To protect your business data, you should think about:
- where and how you store it
- how you secure it (physically and electronically)
- who has access to it
- how that access is provided (eg through individual devices)
You should back up your important data regularly, store the backups securely off site, and check that you can actually restore from them. For added protection, you can use data loss prevention (DLP) software to:
- disable USB ports or block removable storage devices
- monitor copying of files to storage media
- prevent users from transferring the data altogether
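As an added example (not from the original page, and not tied to any particular DLP product), the block below shows the simplest host-level form of the first two controls on a Linux machine: it refuses to load the kernel modules that make USB mass-storage devices usable, and it audits whether those modules are currently loaded. The file paths default to the real system locations but can be overridden, which is how the example can be tried without root; the use of a modprobe drop-in directory is an assumption that holds for mainstream distributions.

```shell
#!/bin/sh
# Added example: block USB mass storage on a Linux host by preventing the
# usb-storage and uas kernel modules from loading, then audit the result.
# Paths default to the system locations but accept an override for testing.

# Write a modprobe drop-in. "install <module> /bin/false" makes any attempt
# to load the module fail; "blacklist" on its own only stops automatic
# loading by alias, so a manual "modprobe usb-storage" would still succeed.
write_usb_storage_block() {
    dir="${1:-/etc/modprobe.d}"
    mkdir -p "$dir"
    cat > "$dir/block-usb-storage.conf" <<'EOF'
# Managed control: prevent USB mass-storage devices from being usable.
blacklist usb-storage
blacklist uas
install usb-storage /bin/false
install uas /bin/false
EOF
    printf '%s\n' "$dir/block-usb-storage.conf"
}

# Audit check: returns 0 (true) if usb_storage or uas is currently loaded,
# 1 otherwise. Reads a file in /proc/modules format (the real one by
# default) so it can also be run against a saved snapshot from another host.
# Note that /proc/modules spells the name with an underscore: usb_storage.
usb_storage_loaded() {
    modules="${1:-/proc/modules}"
    if grep -Eq '^(usb_storage|uas) ' "$modules"; then
        return 0
    fi
    return 1
}

# Convenience wrapper for an interactive run: apply the control and report.
# A module that is already loaded stays loaded until it is removed with
# "rmmod" or the machine reboots, which is exactly what the audit reveals.
apply_and_report() {
    conf="$(write_usb_storage_block "$1")"
    echo "wrote $conf"
    if usb_storage_loaded; then
        echo "WARNING: usb_storage or uas is still loaded; run rmmod or reboot"
    else
        echo "OK: no USB mass-storage driver loaded"
    fi
}
```

Run `apply_and_report` as root on the host to apply the control; the audit function is what you would add to a periodic compliance check, since a user with root can still undo the drop-in.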
As part of your security measures, you should create an asset register covering all hardware and software, including your server equipment. Determine which assets are at risk from cyber attack and record all the relevant details (owner, location, what data it holds). Audit the register regularly to ensure that equipment is accounted for and that the information on it is safe and secure. Find out more on managing assets in business.
Dealing with a data breach
If you believe that data has been stolen, or you have been the target of a scam or fraud, you will have to take action to:
- prevent the data breach continuing
- discover the extent of the damage
- clean up the results
See more on cyber security breach detection.
Your incident response will depend on the circumstances. You may need to take specific advice from the police or legal advisors, but generally speaking, you should:
- report the incident to the Police Service of Northern Ireland (PSNI)
- inform your bank
- check bank accounts for unexplained transactions
- check your business credit report for any unexpected changes
- consider hiring an IT security specialist to investigate the breach
- consider hiring a specialist to rebuild or replace parts of your IT infrastructure, if necessary
Find out how to develop a cyber security incident response plan.
The National Cyber Security Centre (NCSC) provides detailed resources to help you effectively detect, respond to and resolve cyber incidents. You should consult the following:
- small business guide to response and recovery
- incident management guidance
- 'Exercise in a Box' online tool to help you practise your response in a safe environment
Reporting a data breach
As part of managing the incident, you may need to let people or organisations know about the security breach. You may need to notify:
- the regulators, if the breach is significant or if you've failed to comply with data protection legislation (for personal data in the UK this is the Information Commissioner's Office, which under UK GDPR must normally be told within 72 hours of becoming aware of a breach that risks individuals' rights and freedoms)
- individuals or groups whose personal data has been compromised
- relevant industry bodies, eg in the financial or telecommunications sector