Types of breaches

A data security breach may occur as a result of a broad range of causes and in a wide variety of circumstances. A data security breach may be caused by:

  • willful or malicious acts by an organisation or individual conventionally referred to as “a bad actor” or “perpetrator” (eg the deployment of malicious code into another organisation’s or individual’s IT systems or IT devices, theft or willful damage to or destruction of data or IT systems or IT devices on which data is stored); or
  • reckless, negligent or careless acts or omissions by an organisation or person.

A data security breach may be caused by a range of acts or omissions by either employees or contractors within an organisation, or acts by organisations or individuals external to an organisation.