Data Breach

Definition: A data breach is an incident in which sensitive, protected, or confidential data is accessed or disclosed in an unauthorised way, which can lead to data being stolen, viewed, or used by an individual or entity not intended to have access to it.

Data breaches are a considerable concern in cyber security as they represent a failure to protect private, confidential, or sensitive information. Breaches can have far-reaching consequences, including financial losses, damage to reputation, legal repercussions, and identity theft for individuals whose information has been compromised. Data breaches can result from various actions, including cyber-attacks, theft of physical devices, employee negligence, or system failures.

Organisations strive to prevent data breaches by implementing robust security measures, such as encryption, access controls, intrusion detection systems, and regular security training for employees. When a data breach does occur, companies are often required to follow data breach notification laws, which may include informing affected individuals and taking steps to mitigate the effects.

Key Characteristics:

  • Unauthorised Access or Disclosure: Involves gaining access to or revealing data without permission.
  • Sensitive Information: This can include personal information, trade secrets, intellectual property, or other types of confidential data.
  • Legal Implications: Often subject to legal regulations and standards that require notification and remediation.
  • Prevention and Response: Requires comprehensive security measures and an incident response plan to address potential breaches.

Examples:

  • Real-World Example: The Equifax data breach of 2017 exposed the personal information of approximately 147 million consumers.
  • Hypothetical Scenario: An employee loses a laptop containing unencrypted personal records of clients, leading to potential unauthorised access and thus constituting a data breach.

Related Terms:

  • Cyber Attack: An attack carried out by cybercriminals using one or more computers against a single or multiple computers or networks, often leading to data breaches.
  • Incident Response: A plan and process for dealing with security incidents, including data breaches, to mitigate their impact.
  • Encryption: A method of protecting data by converting it into a code to prevent unauthorised access.
