The loss of control, compromise, unauthorized disclosure, unauthorized acquisition, or any similar occurrence where: a person other than an authorized user accesses or potentially accesses personally identifiable information; or an authorized user accesses personally identifiable information for another than authorized purpose.
Sources:
NIST SP 800-53 Rev. 5
from
OMB M-17-12
NIST SP 800-53A Rev. 5
from
OMB M-17-12
The loss of control, compromise, unauthorized disclosure, unauthorized acquisition, unauthorized access, or any similar term referring to situations where persons other than authorized users, or where authorized users take actions for an other than authorized purposes, have access or potential access to sensitive information, whether physical or electronic.
Sources:
NIST SP 800-175A