What is a Data Breach?

A data breach occurs when sensitive, protected, private or confidential information is stolen, copied, viewed or conveyed to an unauthorized/untrusted party or environment. Motivations for such attacks vary and include financial gain (personal or organizational), socio-political goals (hacktivism) and state-sponsored espionage.

Targeted data may involve financial information, healthcare records, personally identifiable information or corporate trade secrets/intellectual property (such as client/customer lists or proprietary processes). A breach technically occurs anytime a party not specifically authorized to do so accesses this information. Breaches may be carried out by both external and internal actors.

A growing number of jurisdictions (including the European Union, Canada, Brazil and the State of California) have passed data breach notification laws, requiring that potentially affected parties be promptly informed of the breach.