Security glossary
Data breach vs data leak: what is the difference?
A breach usually means unauthorized access. A leak usually means data became exposed through poor controls or accidental disclosure.
Last reviewed: 2026-05-23
In plain English
People often use the words interchangeably, but the distinction helps when reading incident reports.
Both can create real risk, even when full technical details are still developing.
What matters most for users is practical response: credential hygiene, MFA, and phishing caution.
Real-world example
A stolen admin credential is typically described as a breach, while a misconfigured cloud bucket is often described as a leak.
What you should do
- Read official updates for exact data classes affected.
- Take baseline protections before final reports are published.
- Track incident updates over time, not just first headlines.
Related terms
What does dark web exposure mean?
Dark web exposure means your data is reported as circulating in underground markets or forums, often packaged with other leaked data.
What is identity theft risk after a breach?
Identity theft risk means exposed personal details could be used to impersonate you for fraud, account creation, or social scams.
What is phishing?
Phishing is when attackers pretend to be trusted brands or people to trick you into giving passwords, codes, or payment details.