New Year Sale ! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

IAPP Exam CIPP-E Topic 1 Question 94 Discussion

Actual exam question for IAPP's CIPP-E exam
Question #: 94
Topic #: 1
[All CIPP-E Questions]

According to the EDPB Guidelines 01/2021 on Examples regarding Personal Data Breach Notification, if exfiltration of job application data (submitted through online application forms and stored on a webserver) resulted in personal information being accessible to unauthorized persons, this would be primarily considered what kind of breach?

Show Suggested Answer Hide Answer
Suggested Answer: D

According to the EDPB Guidelines 01/2021 on Examples regarding Personal Data Breach Notification, a confidentiality breach occurs when personal data is disclosed or made available to unauthorized persons. This is the case when exfiltration of job application data from a website results in personal information being accessible to unauthorized persons, such as hackers or competitors. This type of breach may pose a high risk to the rights and freedoms of the data subjects, as it may lead to identity theft, fraud, discrimination, or reputational damage. Therefore, the data controller should notify the data subjects without undue delay, unless the data is encrypted or anonymized, or the controller has taken subsequent measures to ensure that the high risk is no longer likely to materialize.


Contribute your Thoughts:

Josephine
2 months ago
D) A confidentiality breach. Easy peasy. Although I did chuckle at the thought of it being an 'accuracy breach' - like, 'oops, we accidentally leaked all your private info, my bad!'
upvoted 0 times
Myra
1 months ago
D) A confidentiality breach. Yeah, definitely not an 'accuracy breach'!
upvoted 0 times
...
Vallie
1 months ago
D) A confidentiality breach. Easy peasy.
upvoted 0 times
...
Lindy
2 months ago
D) A confidentiality breach.
upvoted 0 times
...
Lenny
2 months ago
C) An availability breach.
upvoted 0 times
...
Stevie
2 months ago
B) An accuracy breach.
upvoted 0 times
...
Anjelica
2 months ago
A) An integrity breach.
upvoted 0 times
...
...
Kaycee
2 months ago
Hmm, I was debating between C and D, but D makes the most sense. Can't really call it an availability breach if the data was just accessed, not necessarily deleted or modified.
upvoted 0 times
Tiera
2 months ago
Definitely a confidentiality breach, as the unauthorized access compromised the confidentiality of the data.
upvoted 0 times
...
Albina
2 months ago
Confidentiality breach makes sense, as the personal information was exposed to unauthorized individuals.
upvoted 0 times
...
Renea
2 months ago
Yeah, the data being accessed by unauthorized persons definitely falls under confidentiality breach.
upvoted 0 times
...
Aracelis
2 months ago
I agree, it would be a confidentiality breach since unauthorized persons accessed personal information.
upvoted 0 times
...
...
Derick
3 months ago
I'm not sure, but I think it could also be considered an availability breach since the data might not be available to the rightful owner.
upvoted 0 times
...
Aracelis
3 months ago
I agree, D is the correct answer. This is a textbook example of a confidentiality breach. Seems pretty straightforward to me.
upvoted 0 times
Nohemi
2 months ago
I agree, D is the correct answer. This is a textbook example of a confidentiality breach. Seems pretty straightforward to me.
upvoted 0 times
...
Lettie
2 months ago
D) A confidentiality breach.
upvoted 0 times
...
Dean
2 months ago
C) An availability breach.
upvoted 0 times
...
William
2 months ago
B) An accuracy breach.
upvoted 0 times
...
Bernardine
2 months ago
A) An integrity breach.
upvoted 0 times
...
...
Catherin
3 months ago
I agree with Sherita, personal information being accessible to unauthorized persons definitely sounds like a confidentiality breach.
upvoted 0 times
...
Sherita
3 months ago
I think it would be a confidentiality breach.
upvoted 0 times
...
Sarah
3 months ago
D) A confidentiality breach. That's the obvious answer here - the unauthorized access to personal data is a clear breach of confidentiality.
upvoted 0 times
Jeanice
2 months ago
D) A confidentiality breach. That's the obvious answer here - the unauthorized access to personal data is a clear breach of confidentiality.
upvoted 0 times
...
Rikki
3 months ago
A) An integrity breach.
upvoted 0 times
...
...

Save Cancel