SB187 Does not share a file containing PII
Sharing files containing Personally identifiable information (PII) could expose PII to someone other than the intended recipient. The information could then be mis-used or shared further resulting in financial or data losses (e.g. financial fraud and identity theft).
Personally identifiable information (PII) should only be shared with those who need to know, and must be protected according to the relevant data protection legislation. PII in the wrong hands may be leaked or used for malicious purposes. This puts the organisation – and the individual(s) that the PII pertains to – at risk of financial and reputational harm.
Behaviours in SebDB are ranked by their impact on risk. Tier 1 behaviours have the biggest impact, Tier 4 behaviours the least.
Data theft is the intentional stealing of data.
A data leak is when data is accidentally or intentionally disclosed to unauthorised people.