Data exfiltration is sometimes referred to as data extrusion, data exportation, or data theft. All of these terms are used to describe the unauthorized transfer of data from a computer or other device. According to TechTarget, data exfiltration can be conducted manually, by an individual with physical access to a computer, but it can also be an automated process conducted through malicious programming over a network.
Basically, data exfiltration is a form of a security breach that occurs when an individual’s or company’s data is copied, transferred, or retrieved from a computer or server without authorization, as Techopedia describes. While data exfiltration can be achieved using various techniques, it’s most commonly performed by cyber criminals over the Internet or a network. These attacks are typically targeted, with the primary intent being to gain access to a network or machine to locate and copy specific data.
Data exfiltration can be difficult to detect. As it involves the transfer or moving of data within and outside a company’s network, it often closely resembles of mimics typical network traffic, allowing substantial data loss incidents to fly under the radar until data exfiltration has already been achieved. And once your company’s most valuable data is in the hands of hackers, the damages can be immeasurable.