Leakware
(also doxware, extortionware)
Leakware definition
Leakware is a subtype of ransomware, which attacks victims by stealing and threatening to leak sensitive or confidential information. Unlike classic ransomware, which infects a system, encrypts files, and demands a ransom, leakware collects sensitive data and threatens to expose it if the victim does not comply with the attacker’s demands.
When leakware infects a system or network, it typically starts by searching for valuable information (personal data, financial records, business secrets, or other compromising material). Once the sensitive data is obtained, the attacker sends a demand to the victim, stating that the stolen information will be made public or sold to third parties unless a ransom payment is made.
See also: data breach
The dangers of leakware
- Sensitive information leakage. Leakware can expose personally identifiable information (PII), financial records, trade secrets, or intellectual property. This can lead to identity theft, financial fraud, or reputational damage.
- Privacy violations. When leakware exposes a victim’s data, it can be misused for targeted advertising, harassment, or unauthorized profiling.
- Legal and regulatory consequences. Organizations that fail to protect their systems from leakware attacks may face legal actions, fines, or penalties for non-compliance with data protection laws and regulations.
- Financial losses. Leakware attacks can lead to financial losses for organizations. This includes costs for incident response, forensic investigations, legal actions, customer notification and support, as well as potential loss of business, customers, and market value.