Data Breach vs. Data Leak: What's the Difference?

Edward Kost
updated Aug 08, 2022

Simply put, a data leak is when sensitive data is unknowingly exposed to the public, and a data breach is an event caused by a cyberattack.

An example of a data leak is a software misconfiguration facilitating unauthorized access to sensitive resources - such as the major Microsoft Power Apps data leak in 2021.

An example of a data breach is a cybercriminal overcoming network security controls to gain access to sensitive resources. These cyber events are more common, and there are plenty of examples supporting this claim.

The outcome of data leaks and data breaches is the same - sensitive data is compromised. The primary differentiator between the two events is the trigger that leads to this outcome.

Data breaches require an external trigger to initiate a process leading to data compromise. This trigger is usually an action performed by a cybercriminal, such as a phishing attack.

Data leakage, on the other hand, results from an internal trigger. Internal security teams could overlook a software vulnerability exposing confidential data, or insider threats could purposely establish attack vectors for hackers to access sensitive data.

Data loss is another term commonly associated with data leaks and data breaches. Data loss occurs when sensitive data is irrevocably lost, either through theft or deletion. Data loss prevention (DLP) strategies aim to confine sensitive data within a set boundary to prevent its transfer into hostile environments.


What is Considered a Data Leak?

Any internal event exposing confidential information to an insecure environment that isn't a cyberattack is considered a data leak.

These events can be both digital and physical. Physical data leaks, such as insider threats, are more difficult to intercept because you're usually contending with a strategizing adversary rather than a static digital exposure.


Besides insider threats, a physical data leak could include insecure physical devices storing sensitive information, such as passwordless external hard drives. The inclusion of physical events widens the scope of data leaks and further differentiates them from data breaches, since breaches only occur in the digital realm.

Security policies and data security strategies must consider the diversity of data leak types to maximize the potential of mitigation efforts.

The types of data commonly exposed in a data leak include:

  • Personally Identifiable Information (PII)
  • Social security numbers
  • Trade secrets
  • Credit card numbers
  • Financial information
  • Intellectual property
  • Personal data
  • Medical or Personal Health Information (PHI)

Examples of Events that Cause Data Leaks

Some examples of security incidents that cause data leakage include:

Though an external factor causes these events, social engineering could also be considered a data leak vector. This is because the information exposed in a successful social engineering attack isn't always sensitive enough to be considered a breach. The bounty from these attacks provides just enough ammunition to access a private network and initiate a data breach campaign.


What is Considered a Data Breach?

Any event that exposes sensitive data due to cybercriminal activity is considered a data breach.


Data breaches and their associated damage costs are climbing steeply. The average cost of a data breach in 2021 was US$4.24 million, a record high.


Data breaches have been around longer than data leaks. The recent explosion of digital transformation placed data leaks in the cybersecurity spotlight due to the resulting rapid expansion of the attack surface.

Because of this, data protection and security measures specific to data security are now becoming standard components of cybersecurity programs.

Examples of Events that Cause Data Breaches

Some examples of security incidents that lead to data breaches include:

How to Prevent Data Breaches and Data Leaks in 2022

The motivation to prevent these cyber events should be more than just to avoid identity theft. Incident response policies must address these events because most security regulations, such as HIPAA and the GDPR, enforce this level of due diligence.

The price for non-compliance is high, especially for highly regulated industries like healthcare and finance.

The following best cybersecurity practices could help prevent data leaks, data breaches, and the considerable costs of these events:

  • Monitor your internal and external attack surface for security exposures
  • Implement a data leak detection solution
  • Teach staff how to recognize and block social engineering attempts through educational webinars
  • Use multi-factor authentication
  • Use a Single-Sign-On solution to mitigate weak passwords and password recycling
  • Monitor all network access
  • Encrypt data at rest and in transit
  • Secure all privileged access accounts