1. A violation of the security policy of a system such that an unauthorized disclosure, modification, or destruction of sensitive information has occurred.

Source: The State and Local Election Cybersecurity Playbook, Harvard Kennedy School Belfer Center for Science and International Affairs,

2. The known or suspected exposure of clandestine personnel, installations, or other assets or of classified information or material, to an unauthorized person. (JP 1-02).

3. A communication or physical transfer of classified information to an unauthorized recipient. (DoDD 5200.1, DoD Information Security Program, 13 Dec 1996).

4. An unauthorized disclosure of classified information. (DoD 5200.1R, Information Security Program, Jan 1997 and DoD 5220.22-M, NISPOM, 28 Feb 2006).

5. The disclosure or release of classified information to unauthorized person(s). (IC Standard 700-1, 4 Apr 2008).

6. Type of incident where information is disclosed to unauthorized individuals or a violation of the security policy of a system in which unauthorized intentional or unintentional disclosure, modification, destruction, or loss of an object may have occurred. (CNSS Instruction No. 4009) .

Source: Terms & Definitions of Interest for DoD Counterintelligence Professionals, Office of the National Counterintelligence,

7. Unauthorized access to a computer, network, data, or system.

Source: U.S. Cyberspace Solarium Commission, March 2020,