We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Technology

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What is a Security Breach?

By C. Mitchell
Updated: Jan 24, 2024
Views: 19,358
Share

Broadly speaking, a security breach is a violation of any policy or law that is designed to secure something. When people or vehicles bypass screening checkpoints, or enter secure buildings without presenting the appropriate credentials, security breaches are generally obvious. Less obvious are security breaches that involve data or information. In a data context, a security breach is any activity that compromises the confidential nature of certain information.

Most of the time, what is or is not a security breach is defined by law. Statutes in many countries set out security measures for any number of things, from border crossings to data sharing and electronic commerce transactions. A breach is usually defined as any action, intentional or otherwise, that weakens a certain defined security interest.

The best-known security breaches typically cause some noticeable harm. An airport security breach that allows a passenger to board a plane with a weapon, or a data loss that leads to identity theft are clear examples. Under most security breach laws, however, harm is not always a requirement. The threat of harm, or likelihood of harm, is usually enough.

Security breach laws in most countries operate on a likelihood of harm basis both to create incentives for strong security practices and to punish bad actions without waiting to see if someone or something gets injured first. Although punishments for breaches can be strict under law, the overriding goal is usually safety. Particularly where data breaches and information security breaches are concerned, even a likelihood of harm is often enough to prompt major protective actions.

As more and more sensitive information is stored online, the chances of Internet security breach and computer security breach become increasingly real, and with it the chance of identity theft, serious financial loss, or other harm. The majority of data security laws require any entity that regularly collects or stores sensitive information to take certain precautions when it comes to securing that information. Most of the time, data must be protected with a series of passwords and electronic keys. Mobile data, particularly including data stored on employee laptops or other portable hardware, must usually be protected against inadvertent disclosure or data breach in case of loss or theft.

Laws are often further specialized by industry. Many countries have health data security laws that are different than laws governing financial information and the possibility of credit card security breach, for instance. Each country, and sometimes within each country, each state or province, has different laws and mandatory security policies. Most also have laws related to how impacted individuals must be notified in case their information has been part of a security breach. Patients whose files were inadvertently posted to the Internet, students whose academic records were hacked from a university database, and others whose information was in any way compromised are generally entitled to at least notification, if not also remuneration and restitution.

The differences between what laws require can make it difficult for companies operating in multiple jurisdictions to ensure that their security practices are universally compliant. As the laws change and evolve with technology, so must individual security procedures. Most of the time, companies employ compliance officers, lawyers, and data security analysts to oversee all data and other information exchanges and to ensure that all relevant security laws are being followed.

Share
WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.

Editors' Picks

Discussion Comments
Share
https://www.wise-geek.com/what-is-a-security-breach.htm
Copy this link
WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.