Spillage

In cybersecurity, spillage (also called a data spill) occurs when classified or sensitive information is placed on a system that is not authorized to handle that level of information. For example, if CUI ends up on a system outside your CUI enclave, or if classified information ends up on an unclassified system — that's a spillage incident.

Spillage requires immediate containment and remediation — the affected systems may need to be isolated, cleaned, or even destroyed depending on the sensitivity of the spilled data. Spillage incidents must be reported through appropriate channels and are taken very seriously in the DoD.

Why It Matters

CUI spillage outside your controlled environment is a security incident that may require DoD notification. Understanding what constitutes spillage and having procedures to detect, contain, and report it demonstrates mature data handling practices to assessors.

Related Resources

NIST 800-53: IR-9