Dumpster-Diving Attack: Difference between revisions
Fix typo |
I'm not sure this article, at least in their current form, really relates to consumer protection? it seems much more like a general privacy/cybercrime issue |
||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
{{ | {{Irrelevant}} | ||
A dumpster-diving attack is an attack where a malicious actor collects disposed-of sensitive data, commonly in the form of storage devices. The target of this type of attack can be a large business or an individual. | A dumpster-diving attack is an attack where a malicious actor collects disposed-of sensitive data, commonly in the form of storage devices. The target of this type of attack can be a large business or an individual. | ||
==How it works== | ==How it works== | ||
Due to how most storage devices work, files that are deleted by the user are not immediately deleted; instead, they are marked as available to be overwritten. | Due to how most storage devices work, files that are deleted by the user are not immediately deleted; instead, they are marked as available to be overwritten.<ref> https://www.howtogeek.com/125521/htg-explains-why-deleted-files-can-be-recovered-and-how-you-can-prevent-it/</ref> This allows deleted files on disposed storage devices to be recovered using data recovery tools. | ||
This attack is not limited to storage devices; paper records can also be used to extract sensitive information. | This attack is not limited to storage devices; paper records can also be used to extract sensitive information. | ||