A Look at Cybersecurity

With breaking news of cyber-attacks and hacks becoming an increasingly-present piece of our digital lives, and data breaches seemingly around every corner, it’s become important to have a working knowledge of these two potentially devastating terms forever dominating our news feeds.

 

Are they similar? Yes. And you’ll often see them side-by-side and used indiscriminately in the media. But are they the same? Not at all. The following is a brief breakdown and a quick look at what separates a hack from a breach, and why it’s important to be aware of, and ready for, both of them at any given time.

 

A Hack

 

A hack is a deliberate, intentional attack, perpetrated by a single hacker or by an organized group to steal private data and information, or hold a system hostage for some form of ransom.

 

The way in which hackers attack a system can vary: To gain unlawful access to protected systems, like your computer or server, some hackers will use complex hacking techniques that require immeasurable skill to access systems and disable any set security or defense mechanisms. Others rely on premade software programs that will do the hacking for them; the latter are sometimes known as “script kiddies.”

 

But it’s not a one-sided practice: There are hackers on both ends of the spectrum, and any security firm worth its salt has hackers in its employ, called white hat hackers, to test a company’s systems for potential vulnerabilities, and ultimately find weak spots before a malicious hacker (called, unsurprisingly, a black hat hacker) does. This helps plug potential holes and strengthen security in general.

 

Recent, high-profile hacks you may have heard about

 

In the summer of 2017, the Minnesota State Government website was hacked as a form of protest against recent acts of police brutality. A hacker by the name of Vigilance allegedly stole a list of 1,400 email addresses and affiliated passwords that give access to internal databases from the server admin.state.mn.us, which connects to other databases of the sites mn.state.us and mn.gov, leaving the information of Minnesota senators, reps, and their staff completely unprotected.

 

Only a few months later, the Explore Minnesota tourism site was hacked as well – though, in this instance, no data was breached: The hackers simply flooded the site’s Twitter feed with “fake news” articles ranging from the story of a death row inmate eating the Holy Bible page-by-page for his last meal, to the story of a woman training squirrels to attack her ex-boyfriend.

 

These hacks were, ultimately, fairly self-contained and didn’t result in too much trouble for the institutions involved. But that’s not always the case, and some hacks are incredibly destructive, and do permanent damage to companies and their customers:

 

You might remember hearing about the Equifax hack, for example. How could you not? It dominated news sources and social media feeds long after the attack was carried out in the summer of 2017. And, as a result, Equifax will never be the respected consumer credit reporting agency it once was – that’s not something you can really return from reputation-wise – and they’re still dealing with the legal fallout. More importantly, though, the personal and highly sensitive information of over 143 million Americans was compromised and left completely vulnerable.

 

A Data Breach

 

A data breach, on the other hand, occurs when data is left unintentionally vulnerable in an unsecured environment and ends up in the hands of someone who should never have seen it.

 

No malicious intent need be involved: Breaches happen as a result of simple negligence, human error, or a lack of security. They still leave a company vulnerable, though, and can potentially be as damaging as any hack.

 

Important to note: The word “breach” is often used as a broad term to cover a number of different cybersecurity compromises, including hacks. This is often where confusion and incorrect terminology usage stem from.

 

Illustrating the Difference Between the Two

 

Ultimately, the differences between a hack and a breach are fairly simple. The results, however, can be less so.

 

In the case of the Explore Minnesota hack we discussed earlier, there was no data breach as a result of the hack: Hackers simply penetrated the system and put some (rather strange) content online. The hackers didn’t expose or steal any company or customer data, so there was no actual data breach.

 

With Equifax, however, there was a data breach and the information of over 143 million Americans became available to those with malicious intent. This data, known as their personally identifiable information (PII), was inadvertently at risk due to negligence – the company failed to address a vulnerability in their software, which basically allowed the hackers to walk right through the front door.

 

A more specific, and timely, example of a data breach is the widely-covered Facebook and Cambridge Analytica data breach. Some 87 million users had their information exposed to Cambridge Analytica through their personal Facebook accounts earlier this year. Cambridge Analytica didn’t collect that information through a hack or an attack, however, and didn’t need to: They were instead able to collect the data through a gap in Facebook’s API.

 

Herein lies the key difference between the two: not all hacks lead to a data breach, and, conversely, data breaches often happen without a hack.

 

(But, to be clear, if a company/service/platform does get hacked it’s always a bad thing – it just might not be a bad thing that affects the customer or user or you. A hack doesn’t automatically mean that your personal information has been breached.)

 

The better you understand these differences, and how gaps and lags in cybersecurity might happen, the better your chances of handling such a situation should it ever occur, and the better the chances of your company protecting the sensitive personal and financial data of customers, clients, employees, etc. in the first place.
