Cyber insurance glossary

Data Breach

Unauthorized access, acquisition, or disclosure of sensitive information such as PII, PHI, payment data, or confidential client records.

Plain-English definition

What Data Breach means in cyber insurance

Unauthorized access, acquisition, or disclosure of sensitive information such as PII, PHI, payment data, or confidential client records. In a cyber policy, the exact wording matters because the same term can affect whether a claim is covered, which sublimit applies, how fast the carrier must be notified, and which vendors can be used.

How it shows up in a policy

Data Breach may appear in coverage grants, exclusions, sublimits, definitions, conditions, or underwriting questions. It should be reviewed in context rather than treated as a standalone buzzword.

Why buyers should care

Cyber losses often move quickly. A term that looks technical before a claim can become very practical when deciding who pays for forensics, legal response, restoration, downtime, fraud, or defense.

What to ask before binding

Review breach response costs, forensics, legal counsel, notification, call center, credit monitoring, regulatory defense, and media/PR response.

Example scenario

How Data Breach can affect a claim

An attacker obtains employee Social Security numbers, customer records, health information, payment data, or confidential files from email, cloud storage, a vendor, or an internal system. The policy response depends on definitions, exclusions, notice conditions, sublimits, waiting periods, and whether the insured followed required claim procedures. That is why we review this term before a claim, not after.

Policy review checklist

Definition

Does the policy define the term broadly enough for the way your business actually operates?

Sublimit

Is the amount available realistic, or is it a small carve-back inside a larger limit?

Conditions

Do you need carrier consent, specific vendors, callback procedures, or immediate notice before coverage applies?

Related coverage

Does the term overlap with crime, professional liability, tech E&O, property, or general liability coverage?

Common questions

Is Data Breach automatically covered?

No. It depends on the policy form, definitions, exclusions, sublimits, and facts of the incident. Similar terms can be handled differently by different carriers.

Can this affect pricing?

Yes. If a term points to higher expected claim severity, weaker controls, or a requested sublimit increase, it can affect premium, retention, eligibility, or underwriting requirements.

All glossary terms Coverage guide Get my indication →

Policy wording depth

Why Data Breach matters when comparing policies

Data Breach is not just a vocabulary term. In a cyber policy, a definition can decide whether the event falls under breach response, cybercrime, extortion, business interruption, privacy liability, regulatory defense, or a narrower sublimit. The same phrase can also appear in an exclusion, application warranty, claim condition, or endorsement.

That is why we read glossary terms back into the actual form. A buyer should know where the term appears, what dollar amount applies, what steps must be followed after a loss, and whether another policy such as crime, tech E&O, professional liability, property, or general liability needs to coordinate with the cyber policy.

Claim trigger

Ask what event must happen before Data Breach becomes relevant. Some terms require unauthorized access, some require a privacy breach, some require system interruption, and some require a financial transfer.

Dollar impact

The main policy limit may not be the amount available. Sublimits, coinsurance, waiting periods, retentions, defense-within-limits wording, and vendor costs can change the practical value.

Procedure impact

Cyber policies often require quick notice, approved vendors, carrier consent, preservation of evidence, and cooperation with breach counsel. Missing the process can create unnecessary coverage friction.

Broker reading checklist

Coverage grant

Find the section that affirmatively covers Data Breach, then read the definitions that control it.

Exclusions

Check for exclusions tied to prior knowledge, failure to maintain controls, fraudulent acts, infrastructure failure, war, bodily injury, or contractual liability.

Sublimits

Confirm whether the term has its own smaller amount, separate retention, coinsurance, or waiting period.

Other policies

Compare with crime, tech E&O, professional liability, property, and general liability so the buyer knows where one policy stops and another may begin.

Common questions

Does every carrier define Data Breach the same way?

No. Cyber forms vary widely, especially around cybercrime, business interruption, dependent systems, privacy liability, extortion, and control warranties. The definition should be checked on the exact quote form.

Can this change the premium?

Yes. Terms connected to higher claim severity, weak controls, higher limits, or broader triggers can affect pricing, eligibility, retention, and subjectivities.

What should I ask before binding?

Ask where the term appears, what limit applies, what evidence is needed for a claim, what vendors must be used, and whether any application answer could restrict coverage later.

Review discipline

What we document for Data Breach

A complete cyber recommendation should leave a clean trail: why the limit was selected, which markets were compared, what controls affected eligibility, which sublimits were accepted, and what the insured should improve before renewal. That record matters because cyber claims are operational events, not just insurance paperwork.

We also separate what is known from what still needs underwriting confirmation. Carrier appetite, rating, issuing paper, state availability, subjectivities, taxes, fees, and final forms can change before binding. The buyer should understand those moving parts before treating any indication as final.