Data breach vs. Data leak explained

You probably remember when Facebook's founder Mark Zuckerberg testified before the American Congress and UK lawmakers regarding the Cambridge Analytica data leak scandal. The political consulting firm harvested raw data from 87 million Facebook profiles while working for Donald Trump's presidential campaign in 2016. You might also recall the massive data breach incident related to the hotel chain Marriott International which exposed the information of over 500 million customers.  

On the surface, there is no apparent difference between the two events. In fact, they are opposite in nature. This article outlines the difference between the two situations and the steps you can take to improve your data security.

What's a data breach?

"Data breach" is the term more commonly used for the exposure of confidential details caused by an external source. A data breach is a direct attack on private data by an unauthorized entity. There are numerous examples: hackers penetrating a computer database, or somebody coercing you into giving them access to data they should not have. In the case of Marriott International, hackers planted malware in Marriott's systems sometime in 2014, but it was not detected until 2018. It led to the exposure of millions of guests' private data. This could have been detected sooner if the company had practiced standard security audits.

What's a data leak?

Conversely, a data leak is the unauthorized transmission of information from inside an organization to one or more external recipients. The term covers data that is transferred physically as well as digitally. The majority of data leak incidents happen online, most often via email and file transfers. They stem from a variety of causes, typically emails sent to the wrong individuals through human error, or specific information disclosed inadvertently in response to a request. Most data leaks are unintentional and non-malicious in nature. However, in the case of the Cambridge Analytica leak and other high-profile cases widely reported by the global media, the leak is often intended to expose or denigrate an institution or individual. It is important to note that these types of data leaks are relatively rare compared with the less high-profile leaks that happen every day simply as a result of human error.

The key distinction of a data leak is that it happens from the inside out. A data breach occurs the other way around, from the outside in. In the Facebook Cambridge Analytica scandal, the leak came from a whistleblower (a person who speaks out against unethical methods) who disclosed confidential information obtained while working for the company. It exposed how Cambridge Analytica was gathering Facebook's user data to manipulate public opinion in an unethical manner (fake news).

The Marriott International case was classified as a data breach. It was a direct attack by an external entity (hackers) who implanted a Remote Access Trojan (RAT) along with Mimikatz, a tool for sniffing out username/password combinations in system memory. Together, these two tools gave the perpetrators control of the administrator account. The actions taken by the hackers, combined with Marriott International's lackluster data security protocol, created the perfect storm for an online security catastrophe. Hundreds of millions of people had their passport and credit card numbers compromised, which could have a disastrous personal impact on the affected individuals.

How to prevent and mitigate data exposure

Unfortunately, it is impossible to entirely prevent the threat of data breaches related to third-party services, such as social networking websites, ecommerce websites, and other online services. Cybercriminals are always adapting their methods, and it is challenging to stay abreast of their tactics. Nevertheless, there are several techniques you can deploy to reduce the potential threat to your company, customers, and other contacts. Security measures against data breaches must be addressed on an individual basis; it is recommended to hire an IT security professional to create a custom-made, actionable plan for your organization.

At a minimum, standard cybersecurity practices should always be in place when connecting to online networks, such as:

  • Use a firewall
  • Document your cybersecurity policies
  • Establish mobile device security protocols
  • Educate all employees regarding data security best practices
  • Enforce safe password practices
  • Regularly back up all data
  • Install anti-malware software
  • Use multifactor authentication

On the flip side, data leakage prevention is much simpler. It may come as a surprise, but the primary source of data leaks comes down to simple human error by staff. In a recent report by the UK Information Commissioner's Office (ICO), human error was responsible for a whopping 88% of all data loss incidents in the UK in 2019. Errors during emailing were responsible for over 60% of the data leaks.

These numbers prove that the implementation of a company-wide secure email platform is imperative, regardless of the size of the organization. Taking this action alone could address up to 60% of the data leakage threat, according to the report.

There are many players in the secure email industry but most of them focus primarily on encryption. There are other secure email platforms such as Zivver which are additionally designed to prevent human error and help mitigate data leaks. Zivver, for example, provides: 

  • Real-time monitoring of recipients, email, and attachments
  • Email retraction
  • Asymmetric encryption
  • 2FA for accessing emails
  • Outlook plugin
  • Web and mobile applications
  • Guest user support
  • Secure conversation starters
  • Corporate guest branding
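The "real-time monitoring of recipients, email, and attachments" listed above is, in essence, a pre-send check that catches the human errors the ICO figures describe: a message about to go to a mistyped or lookalike domain, or card data about to leave the organisation. The following is an added illustration written for this article, not Zivver's code or a description of how its product works. It assumes a hypothetical organisation domain (example.com), treats any other domain as external, flags external domains within two edits of the organisation's own as lookalikes, and uses the Luhn checksum to tell real card numbers from random digit runs. All sample addresses and message content are constructed.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed example: the organisation's own mail domain. Any other domain is external.
ORG_DOMAIN = "example.com"

# Runs of 13-16 digits, optionally separated by spaces or dashes (card-number shaped).
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,15}\d(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum; filters out most random digit runs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list[str]:
    """Return card-shaped digit runs that pass the Luhn check, normalised to digits only."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_valid(digits):
            hits.append(digits)
    return hits


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch mistyped or typo-squatted recipient domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


@dataclass
class Verdict:
    external: list[str]   # recipients outside ORG_DOMAIN
    lookalike: list[str]  # external recipients whose domain is a near-miss of ORG_DOMAIN
    sensitive: list[str]  # Luhn-valid card numbers found in the body or attachments

    @property
    def block(self) -> bool:
        # Hold the message for sender confirmation if it is addressed to a lookalike
        # domain, or if card data is about to leave the organisation.
        return bool(self.lookalike) or bool(self.external and self.sensitive)


def check_outgoing(recipients: list[str], body: str,
                   attachments: dict[str, str] | None = None) -> Verdict:
    """Pre-send check over recipients, message body and (text) attachment contents."""
    attachments = attachments or {}
    external = [r for r in recipients if domain_of(r) != ORG_DOMAIN]
    lookalike = [r for r in external if edit_distance(domain_of(r), ORG_DOMAIN) <= 2]
    sensitive = find_card_numbers(body)
    for content in attachments.values():
        sensitive.extend(find_card_numbers(content))
    return Verdict(external, lookalike, sensitive)


if __name__ == "__main__":
    # Constructed message: one internal recipient, one lookalike domain, one genuine
    # partner, and a well-known test card number (4111 1111 1111 1111) in the body.
    verdict = check_outgoing(
        ["alice@example.com", "bob@examp1e.com", "carol@partner.org"],
        "Hi, the card on file is 4111 1111 1111 1111, thanks",
        {"notes.txt": "ref 1234 5678"},
    )
    print(verdict, "block:", verdict.block)
```

In a real deployment the verdict would trigger a confirmation prompt rather than a silent block, so the sender can still send a legitimate message to a partner while being asked to look twice at the recipient list; that is the "human error" check, as distinct from the encryption most secure email products focus on.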
There is currently no single solution that addresses the threat of data loss from both breaches (external) and leaks (internal). However, a secure email platform, combined with standard cybersecurity practices, can significantly diminish the threat of a data leak or breach within an organization. Additionally, if an incident does occur, having established online security protocols helps to mitigate the damage. It also demonstrates to your clients and reporting authorities that your company takes data protection, and all that it entails, seriously. In a post-GDPR and Data Protection Act landscape, companies can no longer afford to be lax on email and file transfer security.

Zivver can help your organization become GDPR and DPA 2018 compliant in no time. Check out our pricing plans.


Written by

Renato Zamagna

Originally published on November 28, 2019

Last update on February 5, 2021