A breach of security leading to the destruction, loss, alteration, or unauthorized disclosure of or access to personal data.
A personal data breach is any security failure that compromises personal data, whether through loss, theft, accidental disclosure, or unauthorized access. It is not limited to malicious attacks; a lost laptop or a misdirected email can qualify.
Under the GDPR many breaches must be reported to the supervisory authority within 72 hours, and affected individuals must be told when the risk to them is high.
KaitoSec