A simple guide to data breach terms
These days, data breaches are happening left, right and centre. A lot of them are dealt with discreetly and we may never hear about them, but for those that are publicised, statements from offending organisations can be littered with jargon and tech-words.
Sometimes when things go wrong, organisations are keen to blame anyone and anything but themselves. Some may play that they are the victims of “super hackers” when in reality the breach could have been avoided with better cybersecurity in place. To try and understand what they may be saying underneath the “waffle”, we’ll go over a few simple terms.
They might say something like ‘we really value your privacy’ after a breach, but then hit the media with a load of complicated-sounding reasons as to how and why the data was breached, hacked or leaked. So, here are a few terms for you:
Exactly as it sounds; like the words you’re reading right now. Plain text is unaltered and can usually be read by anyone. Data that can be read as plain as day can be vulnerable for obvious reasons.
Data can’t be easily read in this form because the data has been scrambled and/or hidden, and there should be a key to the data. Using that key to reverse the data encryption should then make it visible. This is probably the most basic level of cybersecurity. It’s often effective as the first line of defence. TalkTalk was heavily criticised for not encrypting their data after the big breach they were at the centre of.
Hashing is typically where data is put through a scrambling system; like encryption but without a key. The hashed data is (as the name sounds) scrambled up with (usually) numbers. This is one of the best ways of storing passwords – if a database is ever hacked, the hashed data should only allow for some characters of a password to be stolen. If you believe in using strong passwords that use numbers and symbols, a hashed password can be very hard to derive.
Salting is adding a bit of something extra to your data. Maybe after it’s hashed, a few more characters are added on; just to add more confusion to anyone trying to hack it or read hacked data. Salting is usually done to the front of the hashed password.
Peppering usually follows at the end of it. More or less the same as salting, just to add a bit of something to that mixture.
This is essentially like the hashing with salt and peppering, except it’s already got the seasoning in. This one is a bit more robust and can withstand attacks more, but if your password is ‘password’ or ‘12345’ then it’s probably not that useful. Some data is only as strong as the password it protects!
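The hashing, salting and peppering described above, sketched in Python as an added example (not code from the original page). It assumes PBKDF2-HMAC-SHA256 as the slow hash, a random salt that is fed into the hash together with the password and stored beside the result, and a pepper that is a secret kept outside the database; the function names, pepper value and iteration count are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample pepper: one secret for the whole site, kept outside
# the password database (assumption for this example).
PEPPER = b"constructed-example-pepper"
ITERATIONS = 600_000  # assumed work factor; higher means slower guessing


def unsalted_sha256(password: str) -> str:
    """Plain hash with no salt: equal passwords always give equal hashes."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def _peppered(password: str, pepper: bytes) -> bytes:
    # Mix in the pepper with a keyed HMAC, so a stolen database alone is
    # not enough to start guessing passwords.
    return hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()


def hash_password(password: str, pepper: bytes = PEPPER) -> tuple[bytes, bytes]:
    """Return (salt, digest); both are stored in the user's record."""
    salt = os.urandom(16)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac(
        "sha256", _peppered(password, pepper), salt, ITERATIONS
    )
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes,
                    pepper: bytes = PEPPER) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", _peppered(password, pepper), salt, ITERATIONS
    )
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Two users who pick the same weak password (constructed sample input).
    print(unsalted_sha256("12345") == unsalted_sha256("12345"))  # identical
    salt_a, hash_a = hash_password("12345")
    salt_b, hash_b = hash_password("12345")
    print(hash_a == hash_b)  # different, because the salts differ
    print(verify_password("12345", salt_a, hash_a))
```

The salt stops identical passwords from producing identical stored values, but a password such as ‘12345’ is still among the first guesses an attacker tries.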
It’s fair to say that you can’t really fully secure all data. What you can do though is utilise systems like those above to protect data as best as possible.
If you are then told that your data has been hacked, the above list can be a “go-to” list in terms of what steps were taken to protect your data.