File or Database Record Deletion

File or Database Record Deletion is a subtechnique of Data Destruction within the Impact tactic, where adversaries deliberately remove files, database records, or other critical data to disrupt business operations, conceal their activities, or cause direct harm to an organization. Unlike more comprehensive destruction techniques that may involve rendering entire systems unusable, this approach targets specific data elements while often leaving applications and systems operational. Attackers commonly leverage legitimate system utilities, administrative commands (such as del, rm, or SQL DELETE statements), or exploit application vulnerabilities to perform targeted deletions. In database environments, adversaries may execute SQL injection attacks or abuse compromised administrative credentials to selectively remove transaction records, customer data, or other critical information. The impact can range from minor operational disruption to severe business consequences, particularly when the deleted data lacks proper backup mechanisms or when the deletion is designed to affect specific business processes. Organizations may not immediately detect such activities, especially when the deletions are performed gradually or target data that isn't frequently accessed, potentially allowing the damage to compound before discovery.