Data theft

from Wikipedia, the free encyclopedia

The term data theft, as well as the common term data theft, denote an offense in which someone obtains secret or personal data without authorization .

process

The term data theft is actually incorrect in the digital world , as the data is usually not stolen but rather copied without authorization. If the data theft occurs by influencing data processing , it is also referred to as computer fraud.

The data can be taken from letters , by skimming or from the computer infrastructure, for example. Computer criminals can also use phishing , vishing or snarfing to gain access to data without being noticed . Often a user is faked to the side of a known Internet service in order to illegally get to the data or to gain access to the corresponding user account.

Even ATMs are common and in many ways target of attackers who want to come into possession of information about the registration of such devices, such as the account number or personal identification number (PIN) .

abuse

In many cases, stolen data is collected and used , for example, stand out for illicit money to fake identities or trade secrets exploit. However, stolen data can also be published or leaked to the legal authorities, which in certain cases is seen as a kind of "whistleblowing" .

Known data thefts were carried out by Bradley Manning , Edward Snowden and Hervé Falciani .

In some cases several million passwords are stolen from servers on the Internet, for example to compromise e-mail accounts by misusing them to send spam .

Countermeasures

It is recommended that you use passwords that are as strong as possible , that you change them regularly and that you use different passwords for different services.

Data connections in radio networks should be operated with well-secured encryption using a corresponding encryption protocol .

Furthermore, in the case of an increasing number of applications that require registration with Internet services, there is the possibility of using additional measures, such as two-factor authentication .

If data theft is to be prevented or at least limited in scope, the principles of data avoidance and data economy apply .

Legal position

In Germany

In Germany, spying on data is punishable under Section 202a of the Criminal Code (StGB). In the version that came into force in 1986, the legislature made the unauthorized provision of data as spying on data a criminal offense. This provision only applies to data that is stored electronically , magnetically or otherwise imperceptibly. According to this, the prerequisite for the offense is that a perpetrator has not brought into his control of data that was intended for him - and that was specially protected against unauthorized access. This means that not all unauthorized access to a computer system in general, but only in connection with spying on data is punishable.

Also the preparation of the act is not punishable, so as procuring appropriate software.

In Switzerland

The word data theft appears in media releases , but not in the criminal code. The Federal Prosecutor's Office has accused Hervé Falciani of data theft, but the charge is “ unauthorized data acquisition ” (Art. 143 (1) StGB).

See also

Individual evidence

  1. What are data abuse & data theft? , Fellowes.
  2. Data theft at ATMs: How to protect yourself , test.de , September 29, 2009, accessed on February 22, 2015
  3. Another data theft: BSI warns Internet users , test.de , April 7, 2014, accessed on February 22, 2015
  4. Data theft on Ebay: change password , test.de , June 26, 2014, accessed on February 22, 2015
  5. WLan: Absolutely encrypt , test.de , June 24, 2010, accessed on February 23, 2015
  6. Two-factor authentication: how it works , test.de , January 28, 2014, accessed on February 22, 2015
  7. Marco Gercke / Phillip W. Brunst, Praxishandbuch Internetstrafrecht , 2009, p. 89
  8. Data theft at HSBC Private Bank in Geneva: indictment , Swiss Federal Prosecutor's Office, December 11, 2014.