Is a ransomware infection a data breach or the exact opposite?
I would want to know the details of how the infection happened. I’m reading about RATs that egress sensitive data and also have the capability to deliver ransomware. I’d want to know root cause before drawing that conclusion.
Looks like we might have an example of this and it was reported by ZDNET this morning! The company was hacked, the data was stolen and the company was blackmailed. Upon failing to pay the "hostage fee/ransom the data was made public. No encryption of their in place data.
Failed blackmail attempt prompts hackers to leak ocean of data belonging to major companies.The data was published following an unsuccessful attempt to exhort Citycomp.
“Since Citycomp does not comply with blackmail the publication of customer data could not be prevented,” the IT provider says. “The stolen data has now been published by the perpetrators and Citycomp’s customers were informed about it.”
One of the definitions for data breach I’ve seen also includes “loss of control” of data. Under that definition, any ransomware infection would be a breach.
Welcome to the community Scott. I tend to agree with you.