SB186 Does not post PII in a public channel
Posting Personally identifiable information (PII) in a public channel allows anyone to view the information and potentially use it. The consequences could lead to financial or data losses (e.g. financial fraud and identity theft).
Personally identifiable information (PII) should only be shared with those who need to know, and must be protected according to the relevant data protection legislation. PII in the wrong hands may be leaked or used for malicious purposes. This puts the organisation – and the individual(s) that the PII pertains to – at risk of financial and reputational harm.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Data theft is the intentional stealing of data.
A data leak is when data is accidentally or intentionally disclosed to unauthorised people.