Certified Information Privacy Professional – Europe (CIPP/E) — Question 244

According to the EDPB Guidelines 01/2021 on Examples regarding Personal Data Breach Notification, if exfiltration of job application data (submitted through online application forms and stored on a webserver) resulted in personal information being accessible to unauthorized persons, this would be primarily considered what kind of breach?

Answer options

• A. An integrity breach.
• B. An accuracy breach.
• C. An availability breach.
• D. A confidentiality breach.

Correct answer: D

Explanation

The correct answer is D, as the unauthorized access to personal information indicates a loss of confidentiality. Options A, B, and C refer to other aspects of data integrity, accuracy, and availability, which are not the primary concern in this scenario where unauthorized individuals can access sensitive information.