I’m not a target, am I? This is an often used argument, but no longer tenable since the GDPR. Every organization has access to personal data of customers, suppliers and employees. Identities are wanted since hackers can easily conclude contracts with name and address details, pay slips and identity documents of your employees. This usually happens for phone subscriptions and private lease constructions.
Virtually all organizations that have fallen victim to digital crime in recent years were not a deliberate target but the victim of automated attacks. The search for vulnerabilities in IT infrastructures and systems in organizations is becoming increasingly automated. Employees are bombarded with emails, whatsapp, text messages and messages on social media to entice them to contact the criminals. All necessary information is available online at the Chamber of Commerce. In addition, organizations are automatically tested for weak passwords and vulnerabilities in technology. Essentially everyone can be a target.