Worst case is largely depending on what they actually are able to gain access to.
Worst case worst case? They managed to get your PII and sell it on the dark web, ransomware all your files, demand a ransom which you of course pay because you have it recoverable files and like 90% of the people in the world don’t have backups, and then they don’t give you the decryption key like they usually don’t.
Another scenario is they are able to get your PII, sell it, you don’t notice it, but they also leave a back door or two in your infrastructure that you don’t notice for foo length of time and they exfiltrate data on a continuing basis. This happens to businesses on a very very regular occasion. It’s more valuable to get a trickle of data over time than a fire hose all at once.
An added scenario to the second one is that they use your infrastructure to infect/attack others.
Worst case is largely depending on what they actually are able to gain access to.
Worst case worst case? They managed to get your PII and sell it on the dark web, ransomware all your files, demand a ransom which you of course pay because you have it recoverable files and like 90% of the people in the world don’t have backups, and then they don’t give you the decryption key like they usually don’t.
Another scenario is they are able to get your PII, sell it, you don’t notice it, but they also leave a back door or two in your infrastructure that you don’t notice for foo length of time and they exfiltrate data on a continuing basis. This happens to businesses on a very very regular occasion. It’s more valuable to get a trickle of data over time than a fire hose all at once.
An added scenario to the second one is that they use your infrastructure to infect/attack others.