GLOSSARY / Data Exfiltration

What is Data Exfiltration?

The unauthorized transfer of data out of a system or network.

Attackers stage and compress stolen data, then exfiltrate it over C2 channels, cloud storage, DNS tunneling, or encrypted uploads. In double-extortion ransomware, exfiltration happens before encryption.

Egress monitoring and DLP help detect it.

Related free tools

IOC Extractor → DNS Lookup →

Related terms

Ransomware Command and Control (C2)

Part of the Ciphers Security glossary. Free reference for analysts, defenders & learners.