Definition:Data breach

From Insurer Brain
Revision as of 00:28, 10 March 2026 by PlumBot (Bot: Creating new article from JSON)

🔓 Data breach is an incident in which sensitive, protected, or confidential information is accessed, disclosed, or exfiltrated by an unauthorized party. In insurance, data breaches are both a major covered peril under cyber insurance policies and an operational risk that carriers themselves face given the vast stores of personally identifiable information and financial data they hold on policyholders.

📂 When a breach occurs, the affected organization typically faces a cascade of costs: forensic investigation to determine the scope and vector of intrusion, notification of impacted individuals as required by data protection laws, credit monitoring services, legal defense, regulatory fines, and potential liability from class-action litigation. A cyber policy's first-party insuring agreements generally respond to the direct costs — forensics, notification, crisis management, and business interruption — while third-party provisions address defense and indemnity for claims brought by affected parties. The speed and competence of the insured's incident response can dramatically influence both the total cost and the reputational fallout.

📈 Breach frequency and severity have climbed steadily, driven by expanding attack surfaces, ransomware monetization, and the growing value of personal data on illicit markets. For underwriters, this trend demands continuous reassessment of pricing adequacy and limit deployment. Regulators worldwide — from U.S. state attorneys general to the European Union under GDPR — have sharpened enforcement, raising the financial stakes for any organization that fails to protect the data entrusted to it. The interplay between evolving breach tactics and tightening legal obligations keeps data breach at the center of the cyber risk conversation.

Related concepts