Some example scenarios:
- A laptop containing sensitive information is stolen (physical intrusion or theft).
- Sensitive information is inadvertently posted on a web site without access restrictions (configuration error).
- Access restrictions are inadvertently changed or removed, exposing the data (configuration error).
- A system compromise raises questions as to the continuing confidentiality of the data (intrusion).
- Key logging software or other spyware is found on a host (malware).
Please refer to the Data Breach Management policy (and related documents).