Data Breach
Also known as: Security Incident, Data Exposure
Any unauthorized access to, disclosure of, or loss of protected personal or business data, regardless of whether the cause was malicious.
Definition
A data breach occurs whenever protected information is accessed by someone not authorized to have it, or is accidentally exposed to unauthorized parties. The legal definition varies by jurisdiction, but most regulatory frameworks use broad definitions that include: unauthorized access by external attackers, accidental employee disclosure, vendor-side exposures, and lost or stolen physical devices containing unencrypted data.
Breach triggers mandatory notification requirements in most jurisdictions, typically within 30-72 hours for certain data types and affected populations. Costs include direct remediation, legal fees, regulatory fines, notification services, and customer attrition.
Breach triggers mandatory notification requirements in most jurisdictions, typically within 30-72 hours for certain data types and affected populations. Costs include direct remediation, legal fees, regulatory fines, notification services, and customer attrition.
Example
A company's misconfigured cloud storage bucket makes customer records publicly accessible for three weeks before detection. Even though no malicious actor is identified, this constitutes a data breach requiring notification of affected customers.
Important Distinctions
The 'breach' does not require a hacker. Emailing a file to the wrong person, leaving a laptop unencrypted, or a vendor misconfiguring your shared environment all constitute breaches under most breach notification laws.