Data breach

A data breach is when personal data ends up accessed, leaked or stolen by people who shouldn't have it. Under the GDPR, companies must notify the authority within 72 hours of becoming aware, and warn you directly when the risk to you is high.

Breaches happen to companies of every size, through hacking, lost laptops, misconfigured servers, or a simple bug. The GDPR doesn’t pretend they’re avoidable; it regulates what must happen next. The company has to notify its data protection authority within 72 hours of becoming aware of the breach, and inform the affected people directly when the risk to them is high.

What does this have to do with AI chatbots? Two things, stated calmly. First, your chat history is a database like any other: if a provider is breached, conversations could be exposed, which is one more reason not to leave passports, passwords or IBANs sitting in old chats. Second, if you run a business and an AI tool holding your customer data is breached, you may have notification duties of your own; your authority’s website explains the procedure.

Your practical layer of defense costs nothing: enable two-factor authentication on your AI accounts, delete chats you no longer need, and keep truly sensitive data out of prompts. The paste checker helps you draw that line.

Where you’ll meet this

  • Breach notification emails (“we are writing to inform you of a security incident”)
  • Chatbot privacy policies, in the security and incident-response sections
  • Your national data protection authority’s pages on reporting a breach
