“RSA 2016 For years, the security industry has been primarily focused on stopping information theft. Now more and more people in the trade are worried that the next wave of attacks won’t steal data – they’ll alter it instead.”
There are a couple of examples in the linked article, but know that these types of attacks are coming, and they will be a lot harder to fix once it’s been done. Instead of stealing your information, what if I close your bank account? Or change your DMV record to show that your license has been suspended? Those are some of the small ways you could screw with individuals, but think of all the NSA-collected data that could be altered to show anything you want it do, or manipulate markets, energy grids, etc.
For me, professionally, so much of what we do in the legal system is based on the data being preserved, but we assume it’s accuracy. What if it’s been hacked and altered? What if right before I filed a discrimination case, I hacked an HR system and altered the race, sex, or age of every terminated employee, and then that data was requested as part of discovery?
Scary, scary stuff. Like the article says, maybe storing a paper record as a backup wouldn’t be the worst idea.