What is the term for transferring data to unauthorized external domains?

Transferring data to unauthorized external domains is specifically referred to as data exfiltration. This term encompasses the unauthorized transfer of sensitive information outside of an organization’s secure environment, typically with malicious intent. Data exfiltration often occurs through various methods, such as hacking, social engineering, or the use of removable media.

Understanding this term is essential in the context of counterintelligence, as it directly relates to the unauthorized movement of potentially classified or sensitive data, which poses significant risks to an organization. Identifying and mitigating data exfiltration helps safeguard against potential espionage or data breaches that could compromise security.

Other terms like data theft and information leakage may seem related but have distinct meanings and contexts. Data theft typically refers to the act of stealing data outright, while information leakage can refer to inadvertent exposure of data, which doesn't necessarily involve intentional transfer to external domains. A data breach usually indicates an incident where data is accessed or obtained by an unauthorized individual, but this doesn't explicitly imply the act of transferring data to external domains as data exfiltration does.