Data exfiltration
Data exfiltration is sometimes referred to as data extrusion, data exportation, or data theft, and it's extremely popular among ransomware affiliates. Almost any threat actor involved in human-operated ransomware attacks has its own Dedicated Leak Site (DLS). They use such websites to publish information about successful attacks and even exfiltrated data if a company refuses to pay the ransom.
The amount of exfiltrated data may be very different. In some cases, it's just a few gigabytes, while in others it may be terabytes. Exfiltrated data may include credit card information, Social Security numbers (SSNs), Personal Identifiable Information (PII), Protected Health Information (PHI), and National Provider Identifiers (NPIs), but are not limited to company private information and proprietary information.
Here's an example of a DLS that belongs to the Conti ransomware:
Figure 2.7 – Conti ransomware DLS
Most such...