Which of the following are considered cybersecurity breaches?

All of the listed choices—Distributed Denial of Service (DDoS) attacks, spyware, and impersonation—are indeed recognized as forms of cybersecurity breaches because they involve unauthorized access or misuse of data and systems.

A DDoS attack overwhelms a targeted service, making it unavailable to users. This is a breach because it disrupts the normal functioning of networked services, demonstrating an attacker’s ability to affect operations without authorized access.

Spyware is malicious software designed to infiltrate systems and gather sensitive information without the user's knowledge or consent. This directly compromises the confidentiality and integrity of data, thereby constituting a breach of cybersecurity.

Impersonation involves deceiving individuals or systems by pretending to be someone else, often to gain access to protected resources or sensitive information. This type of behavior undermines trust and security protocols, qualifying it as a cybersecurity breach.

Since all three scenarios represent effective violations of security measures, recognizing them collectively under the umbrella of cybersecurity breaches makes sense.