Breach: Any time sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual or entity without authorization.
DDoS: Distributed Denial of Service. An attack that attempts to render an online service unavailable by overwhelming it with traffic from multiple sources.
Digital Privacy Act: Received Royal Assent in June 2015, resulting in a number of significant amendments to Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).
Malware: A general term for code with malicious intent that typically steals data or destroys something on the computer.
PHI: Personal Health Information
PID: Personally Identifiable Data
PIPEDA: The Personal Information Protection and Electronic Documents Act (PIPEDA) is the Canadian federal privacy law for private-sector organizations. It sets out the ground rules for how businesses must handle personal information in the course of commercial activity.
Phishing: An attempt to obtain sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication
Ransomware: A hack where data is stolen or made inaccessible and a demand is made, usually for cash. Also known as an extortion threat.
Threat Agent: An individual or group that can manifest a threat. Does not have to be malicious or intentional.
Whaling: An attack that typically involves a hacker masquerading as a senior executive asking an employee to transfer money.