Common Data Breach Jargon and What it all Means

Having your data stolen by a cyber-criminal is like any traditional burglary: it leaves you feeling exposed and violated.

But with over 39% of businesses experiencing some sort of data breach in 2021, it’s imperative that you know what these cyber-criminals are capable of and what companies are doing to keep your data safe.

Data breaches are notoriously difficult to understand because of the complicated, technical jargon that goes with them.

Because we’re a law firm that believes in using plain, simple English over complex “lawyer-speak”, we’ve written this data breach jargon buster to help you translate the overly complicated terms.

Bookmark this article and refer back to it if you’re worried about the safety of your data or if you think your data might have been breached.

What is a data breach?

Advances in technology are making our lives easier: we can do our weekly shop without leaving the house. We can get Alexa to “turn the lights on” without getting up, and we can even turn the oven on when we’re miles away from home.

But this easy life comes with a price.

As technology is advancing, we’ve come to expect quick and easy transactions and personal and intuitive digital experiences with the companies we use. To meet these high expectations, companies are having to collect and store more and more of our personal data.

If the systems and software they’re using to collect and store our data aren’t secure enough, or if the processes they’re using to collect and store our data are inadequate, we’re left exposed to cyber criminals.

When these modern-day thieves hack into our computers and steal our data, identity or money, it’s classed as a data breach.

If your personal data has been exposed to cyber criminals because an organisation failed to keep it safe, our Data Breach Solicitors could help you make a claim for compensation.

Call us on 0808 239 9426 or request a callback

Common data breach terms and what they mean

Here are some common data breach terms which will help you understand how to keep your data safe, or if you’ve been exposed to a data breach, help you to identify what’s happened.

Detecting or preventing data breaches


Firewall

A firewall sits on your computer and monitors incoming and outgoing traffic. If it detects something suspicious, it will block it.

Antivirus software

This is a program that’s used to detect and remove or neutralise any malicious code or viruses that are on your computer or network.

Antispyware software

Antispyware software is a program that detects and blocks spyware. Spyware is a type of malicious software that monitors your activity and collects sensitive information like account information, logins and financial data.


Encryption

Encryption is where original data (called plaintext) is converted into ciphertext. It stops hackers from making use of stolen data because they’ll need a special key to read it once it’s been encrypted.


Pen testing

If something has been pen tested, it means that a website or software tester has used hacker tools and techniques to test the security of a website, system, piece of software or application. They’ll try to break the code to expose vulnerabilities and security flaws, like a real-life hacker would do.

GDPR (General Data Protection Regulation)

This is something you should see a lot. Organisations that handle data are required by law to follow a strict set of guidelines to make sure that the processes they use to collect, process and store your personal information keep your data safe and secure.

Information Commissioner’s Office (ICO)

The ICO is an independent authority that has the power to impose hefty fines on organisations that have breached their duty of care when it comes to keeping your data safe.

Types of data breaches or cyber attacks

Physical data breach

This refers to the physical theft of documents or equipment containing confidential data. Items at risk of a physical data breach include laptops, computers, external hard drives, cardholder receipts or sensitive documents and files.

Electronic data breach

An electronic breach is a deliberate attack on a system or network where cardholder data is processed or stored.


Skimming

If you hear the term skimming, it means that a hacker has used an external device, often installed on an organisation’s point of sale (POS) system, to capture the magnetic stripe data on the back of credit cards.

White hat hackers

White hat hackers are the good wizards of the data breach world. They gain access to sensitive data, but with consent, so it’s completely legal. Pen testers are often called white hat hackers.

Black hat hackers

Black hat hackers are the wicked witches of the data breach world. They’re the ones that will break into a network without consent, steal information and then use it to harm you. Black hat hackers are criminals and what they do is illegal. If a company has been targeted by a successful black hat hacker, this is where you could be eligible to make a claim.


Malware

This is an umbrella term that describes all malicious software that’s been designed to wreak havoc on a computer. Common forms of malware include things like trojans, worms, rootkits and ransomware.


Ransomware

This software holds your data hostage by preventing you from accessing certain files on your computer. Ransomware usually encrypts files and then demands a ransom for them to be decrypted or unlocked.

Trojans (or Trojan Horses)

This is malicious software that looks legitimate but can take control of your computer. It tricks you into loading the software onto your device and then it gains access to all your data. For example, have you ever received a credible looking email that asks you to click a link or download an attachment, but when you dig deeper, you find it’s from a weird email account? That’s probably a Trojan.


Worms

If you’re on a connected network, like at work for example, this nasty bit of software can replicate itself and spread infection to the other computers in the network.


Rootkits

This type of software allows cyber criminals to control your computer remotely. Rootkits are hard to detect, which makes them incredibly dangerous. They could live in your computer, monitoring your activity and stealing your data for months on end.

Phishing (or Spear Phishing)

Phishing is a technique used by hackers to steal sensitive information. A bit like a Trojan, they might send you a legitimate looking email, often from your bank or insurance company, but instead of getting you to click or download an attachment, they’ll ask you for personal or confidential data such as passwords or account information.

This is by no means a complete list of all the various data breach terms out there. But it should give you a basic understanding of what a data breach is and what companies should be doing to protect you from cyber criminals.

What to do if your data has been breached

If the worst happens and you find that your data has been compromised, and we can prove that the company responsible for collecting and storing your data was negligent, then we could help you to secure compensation.

If you’re not sure if this applies to you, give us a call and we can assess your situation and see if we can help you.


Simpson Millar Solicitors are a national law firm with over 500 staff and offices in Billingham, Bristol, Cardiff, Catterick, Lancaster, Leeds, Liverpool, London and Manchester.