Major Incident

A breach constitutes a "major incident" when it involves PII that, if exfiltrated, modified, deleted, or otherwise compromised, is likely to result in demonstrable harm to the national security interests, foreign relations, or economy of the United States, or to the public confidence, civil liberties, or public health and safety of the American people. An unauthorized modification of, unauthorized deletion of, unauthorized exfiltration of, or unauthorized access to 100,000 or more individuals' PII automatically constitutes a "major incident."

While the definition of Major Incident includes a numerical threshold, the Department’s Senior Agency Official for Privacy (SAOP) will consider the character of the PII and the circumstances of the breach in making this determination, particularly where sensitive or High Risk PII (as defined below) is involved. Accordingly, in some instances breaches impacting fewer than 100,000 individuals may constitute a Major Incident. Additionally, breaches of sensitive or High Risk PII of individuals approaching or exceeding the 100,000 individual threshold may be a Major Incident even if there is no direct evidence of unauthorized access, deletion, or access.

