Objectives
After completing this lesson, you will be able to:
According to the EU's General Data Protection Regulation (GDPR), personal data is defined as any information relating to a recognized or identifiable person. Personal data can include the following pieces of information:
Personal information as per the list in this lesson is often used by businesses and organizations to send targeted marketing campaigns, provide a smooth customer experience, evaluate a prospect’s credit history, medical research, and other purposes.
You may have received an e-mail from your favorite retailer asking you to purchase items in your cart or informing you of the latest sale. Let’s look at an example of how a retailer uses personal information.
The information gathered allows retailers to provide a more personalized and targeted shopping experience for their customers. However, this kind of information is also very valuable for a threat actor.
Personal data is the most valuable asset online of an organization or individual. While organizations may use your personal data for marketing or user experience purposes, personal data stored in corporate databases can be used for identity theft.
If your personal data falls into the wrong hands, threat actors can use it to do the following:
Businesses who store and process personal data are a target for threat actors because they're more lucrative. Businesses have more resources and funds than individuals. Depending on their motivation, threat actors can attack a business to do the following:
Log in to track your progress & complete quizzes
