Why are threat actors faking data breaches?

2024-06-24 04:05

The European car rental company immediately launched an investigation, only to discover that the data being sold was completely doctored, possibly using generative AI. Why fake a data breach?

Threat actors can announce a fake data breach, which can spark fears, panic and loss of public confidence, causing the stock prices to drop; in this way, cybercriminals can manipulate the market for financial gain.

Uncovering security processes and setup: Just like you need bait to hook a fish, cybercriminals can use the pretext of a data breach to understand a company's security setup, its security capabilities, processes, and threat response time.

Generative AI tools like ChatGPT can be easily used to generate fake data complete with realistic data sets that include email formats from a real company along with local telephone numbers, and more.

A smart hacker will go to the extra length of researching previous breaches or using an existing data model to reproduce another data set.

When you encounter a leaked data set, compare it with old breach data to assess whether the data is recycled or not.

News URL

https://www.helpnetsecurity.com/2024/06/24/faking-data-breaches/

#breaches #threat