The submitted title ("Emails sent to the wrong people are data breaches now?") broke the HN guidelines by editorializing. Please don't do that. The rule here is to use the original title, unless it is misleading or linkbait. In the latter case, please rewrite it in an accurate, neutral way, preferably using representative language from the article itself.
They always have been. In what world would sending confidential information to someone who isn't supposed to have access to it not be considered a breach? Intent doesn't matter in these situations.
Guess it's about intent. They write "data spillage" which I take as "accidently sent to wrong people" while "data breach" which I would take as "someone took the data with intent to spread it".
From the article:
> Personal information can be used by criminals or entities to steal identities, commit bank and credit fraud, or phishing schemes.
Getting a bit tired of this. You can't really steal someones identity. But a criminal could use this to commit fraud, but you still have your own identity.
Guess it's the same as with piracy. It's not really stealing so much as copying, but everyone calls it stealing...
The top result on Google just says, “A data breach is a confirmed incident in which sensitive, confidential or otherwise protected data has been accessed and/or disclosed in an unauthorized fashion.”
Depends. If it's within your own org, there are often ways to server-side remove the email from everyone's account. I've seen it happen with an Outlook/exchange setup before.
Outlook also offers the ability to draw attention to your email by sending out a "The sender of this email would like to recall it. Please click okay when you're done reading whatever they sent and want to delete it."
>“The Marine Corps takes the protection of individual Marines’ private information and personal data very seriously, and we have steps in place to prevent the accidental or intentional release of such information,” Aranda said.
https://news.ycombinator.com/newsguidelines.html