Data breach

Intentional or unintentional release of secure information / From Wikipedia, the free encyclopedia

Dear Wikiwand AI, let's keep it short by simply answering these key questions:

Can you list the top facts and stats about Data breach?

Summarize this article for a 10 year old

SHOW ALL QUESTIONS

A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, altered or used by an individual unauthorized to do so.[1] Other terms are unintentional information disclosure, data leak, information leakage and data spill. Incidents range from concerted attacks by individuals who hack for personal gain or malice (black hats), organized crime, political activists or national governments, to poorly configured system security or careless disposal of used computer equipment or data storage media. Leaked information can range from matters compromising national security, to information on actions which a government or official considers embarrassing and wants to conceal. A deliberate data breach by a person privy to the information, typically for political purposes, is more often described as a "leak".[2]

Data breaches may involve financial information such as credit card and debit card details, bank details, personal health information (PHI), personally identifiable information (PII), trade secrets of corporations or intellectual property. Data breaches may involve overexposed and vulnerable unstructured data – files, documents, and sensitive information.[3]

Data breaches can be quite costly to organizations with direct costs (remediation, investigation, etc.) and indirect costs (reputational damages, providing cyber security to victims of compromised data, etc.).

According to the nonprofit consumer organization Privacy Rights Clearinghouse, a total of 227,052,199 individual records containing sensitive personal information were involved in security breaches in the United States between January 2005 and May 2008, excluding incidents where sensitive data was apparently not actually exposed.[4]

Many jurisdictions have passed data breach notification laws, which requires a company that has been subject to a data breach to inform customers and take other steps to remediate possible injuries. 50 U.S. states have some form of data breach notification laws, the definitions of what constitutes "personal information" vary. So US requires more transparent and comprehensive data protection laws.Especially under varying state laws and the increasing amount of sensitive data being collected.[5]

Oops something went wrong: