Surely allowing access to this personal data via a public API is a data breach? Its just taking it from something that shouldnt have exposed it rather than hacking into a system
Yeh.
Same as if it was a CSV mailing list on an unprotected URL or whatever.
The term “data breach” suggests there was security there to be breeched. Maybe it needs a better term?
Surely allowing access to this personal data via a public API is a data breach? Its just taking it from something that shouldnt have exposed it rather than hacking into a system
Yeh.
Same as if it was a CSV mailing list on an unprotected URL or whatever.
The term “data breach” suggests there was security there to be breeched. Maybe it needs a better term?
Data leak? In the security field, they categorize it as “information disclosure”… But it doesn’t have the same level of gravitas to it