Security

Data Breach

A security incident where sensitive, protected, or confidential data is accessed, disclosed, or stolen by unauthorized individuals.

Also known as:Security BreachData Leak

What is a Data Breach?

A data breach is a security incident in which sensitive, protected, or confidential information is copied, transmitted, viewed, stolen, or used by an unauthorized individual. Breaches can result from hacking, insider threats, accidental exposure, or physical theft.

Types of Data Breaches

External Attacks

  • Hacking and malware
  • Phishing attacks
  • SQL injection
  • Ransomware

Insider Threats

  • Malicious employees
  • Negligent actions
  • Credential misuse

Accidental Exposure

  • Misconfigured systems
  • Lost devices
  • Unintentional disclosure

Physical Breaches

  • Stolen hardware
  • Document theft
  • Unauthorized access

Breach Impact

Financial

  • Regulatory fines
  • Legal costs
  • Remediation expenses
  • Lost business

Reputational

  • Customer trust loss
  • Brand damage
  • Media coverage

Operational

  • System downtime
  • Investigation costs
  • Process changes

Breach Response

  1. Identify and Contain

    • Stop data loss
    • Preserve evidence

  2. Investigate

    • Determine scope
    • Identify cause

  3. Notify

    • Regulators
    • Affected individuals
    • Law enforcement

  4. Remediate

    • Fix vulnerabilities
    • Improve controls

  5. Review

    • Lessons learned
    • Process improvement
Previous

CVSS

Next

Data Classification