Glossary Term: Data Breach

A security incident where unauthorized individuals gain access to confidential or protected information. Data breaches result from cyberattacks, insider threats, or human error, often leading to financial losses, regulatory penalties, and reputational damage. 

A data breach is a security incident where unauthorized individuals gain access to confidential, sensitive, or protected information. This can include personal data, financial records, intellectual property, or any other information that an organization or individual intended to keep private. 

How Data Breaches Happen

Most data breaches start with attackers exploiting weaknesses in an organization’s security defenses or human factors. 

External cyberattacks use techniques like phishing emails, malware, or exploiting software vulnerabilities to gain unauthorized system access. Once inside, attackers move through networks to reach valuable data. 

Breaches also happen when employees accidentally send sensitive files to the wrong person or intentionally steal data. Lost laptops and USB drives create exposure risks, while technical mistakes like misconfigured cloud storage can leave massive amounts of information publicly accessible. 

Types of Data Commonly Targeted

Different types of information have varying levels of value to attackers: 

  • Personal identifiable information – Names, addresses, Social Security numbers valuable for identity theft 
  • Financial data – Credit card numbers and bank details that provide direct monetary access 
  • Healthcare records – Comprehensive personal and medical information worth more on illegal markets 
  • Intellectual property – Research and trade secrets targeted by competitors 
  • Login credentials – Username/password combinations that unlock multiple systems 

Common Breach Consequences

The aftermath of a data breach creates both immediate and long-term challenges. IBM’s 2025 Cost of a Data Breach Report stated that the global average cost was $4.44 million, including investigation expenses, legal fees, and regulatory fines. 

Regulatory penalties under laws like GDPR can reach 4% of annual global revenue. Beyond financial costs, reputation damage often proves more harmful as lost customer trust affects future business for years. Operations may also halt while systems go offline for investigation and remediation. 

Data Breach Prevention Through Privilege Management

Excessive admin rights create one of the biggest vulnerabilities in data breach scenarios. When users operate with permanent administrative privileges, any malware that compromises their account automatically gains the same elevated access to sensitive systems and data. 

Admin By Request’s EPM solution addresses this by removing permanent admin rights and providing just-in-time elevation when users actually need it. This approach prevents the privilege escalation that transforms minor security incidents into major data breaches. 

Back to top