A data breach is a suspected or confirmed breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal or company data. Data breaches can occur for various reasons, including human error, malicious attacks, or system vulnerabilities.
The most common data breaches aren't the result of hackers or malicious behaviour. Instead, they stem from organisational and human mistakes such as sending an email to the wrong person, forgetting to redact data on a file, or forgetting to use bcc in emails.
Data breaches can happen in hundreds of different ways, below are some of the most common.
- Theft or loss of data or IT equipment containing personal or company data
- Leaving confidential/sensitive files unattended
- Unauthorised disclosure of sensitive client data
- Cyber attack
- Using client data for personal gain
- Sending data to the wrong recipient
- Failure to redact data
- Insecure disposal of hardware
- Alteration of personal data without permission