A data breach is a security incident where unauthorized users take sensitive, protected, or confidential information from a system without permission from the system owner.
Frequently asked questions
What’s the difference between a data breach and a data leak?
While both data breaches and leaks result in data being publicly exposed, data breaches occur when external actors compromise data via malware, phishing, or some other form of attack. Data leaks, on the other hand, are usually due to poor security practices or a mistake — for example, when employees accidentally expose sensitive or protected information.
What are the types of data breaches?
There are multiple types of data breaches. Some of the most common include ransomware attacks where bad actors compromise networks and encrypt key data, phishing attacks that convince users to provide account information or click on malicious links, and physical attacks that occur when criminals access secure areas and steal hard drives or copy data onto media devices such as USB flash drives.
What counts as a data breach?
A data breach is any event where information is accessed or stolen from a system without the authorization of the owner. Some data breaches may be relatively benign, while others may put intellectual property or personally identifiable information (PII) at risk.
What is an example of a serious data breach?
A serious data breach is one where critical operational or highly-sensitive data is accessed or stolen. For example, in 2013, hackers stole personal information such as names, dates of birth, emails, and passwords of around 3 billion Yahoo! customers.