What is the Most Common Cause of Data Breaches?

When we think about data breaches, we often envision a masked man sitting in the dark hacking his way into our personal and business data. We imagine a sinister “Big Brother” of sorts seeking to find our credit card numbers, social security info, and password credentials. 

While there is definitely someone with malicious intent at the other end of the line, most of the time the initial cause of a breach starts in your office or home. Today we are taking a closer look at the most common causes of data breaches, especially focusing on how you can prevent a breach from occurring with your personal or business data. 

Knowing what commonly causes a breach can be the first step in preventing it from happening to you or your business. For companies, especially those under HIPAA rules, it is critical to maintain compliance and protect patient data from vulnerabilities. 

criminal hacking

Criminal Hacking 

According to a  Verizon 2018 Data Breach Investigations Report, 48% of all data breaches are solely caused by criminal hacking, thus why your initial assumptions about the masked man sitting in front of a computer breaking into your data, is somewhat accurate. Using vulnerabilities like old software, systems that were never properly patched, and potentially stolen credentials, a hacker can access your data and create a nightmare scenario for your business. 

A solution for businesses and personal users is to make sure your software is up-to-date and that all available patches have been installed. In addition, keeping your credentials private and using strong passwords can help. A password manager that maintains strong and varied passwords for all of your accounts can assist in this matter. 


Malicious software otherwise known as “malware,” is any piece of software that was written with the intent of damaging devices, stealing data, and generally causing a mess. Viruses, Trojans, spyware, and ransomware are among the different kinds of malware. Malware accounts for approximately 30% of data breaches. 

Preventing malware means taking a comprehensive look at your security practices. For example, are you properly installing anti-virus software? Are you keeping that software up-to-date? Are you running regular scans and keeping your system current? Are you training your employees to think before they click? Are you backing up your files and using strong password protection? Each of these questions may reveal a vulnerability that malware can cash in on. 

human error on computer

Human Error

Approximately 17% of breaches occur due to human error. Some reports put the number much higher. This can occur when an employee at work, or a family member at home uses: weak passwords, sends sensitive information to the wrong recipient, or falls for a phishing scam. 

A solution to this problem is training and educating your employees (and at home, your family) about what to look for in emails and attachments. Regular review of best practices when it comes to safeguarding devices and password protection can go a long way in preventing a data breach. 

Is your business vulnerable to a data breach? Talk to our specialists who can evaluate and remediate any of your system’s issues.