Which term describes the unauthorized transfer of data from an information system?

The term that describes the unauthorized transfer of data from an information system is exfiltration. This concept involves the act of removing data from a system without permission, often with the intent to use that data maliciously or for financial gain. Exfiltration can occur through various methods, such as exploiting vulnerabilities, using malware, or through inadvertent sharing.

Understanding exfiltration is essential in the context of cybersecurity, as it highlights the vulnerabilities that organizations must guard against to protect sensitive information. This concept focuses specifically on the unauthorized action of transferring data, distinguishing it from more general terms like data breach, which may refer to any unauthorized access to data rather than the specific act of removal.