What term describes when classified data or controlled unclassified information is introduced to an unclassified computer system or a system at a lower classification level than the data?

Data spill describes the situation where classified data or controlled unclassified information ends up on an unclassified computer system or on a system at a lower classification level than the data. This creates a confidentiality risk because sensitive information is placed in an environment that isn’t authorized or protected to handle it. Think of saving a classified document to a personal or unclassified computer, sending controlled information to an unclassified email, or transferring data to a USB drive connected to an unclassified network. Declassification would be about formally lowering the data’s classification, not about moving it into a less-secure environment. Damage assessment and debriefing address different parts of an incident lifecycle.