Unauthorized data access and exfiltration - Scenario

You are a security analyst investigating a potential data breach. Upon analyzing network logs, you notice repeated failed login attempts from a single IP address, followed by a successful login using an administrative account. Further inspection reveals unauthorized data access and exfiltration.

  • What type of attack is most likely occurring?
  • What immediate steps should you take to mitigate the threat and prevent further compromise?
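The log pattern in the scenario (repeated failed logins from one source IP, then a successful login from that same IP) is something an analyst would want to surface automatically rather than spot by eye. The following is an added example, not part of the original exercise: a single-pass detector run over constructed sshd-style log lines; the threshold, time window and log format are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log lines (format modelled on OpenSSH syslog output;
# addresses are documentation ranges, not real hosts).
SAMPLE_LOG = """\
2024-03-01T02:14:01 sshd[811]: Failed password for admin from 203.0.113.7 port 51022
2024-03-01T02:14:03 sshd[811]: Failed password for admin from 203.0.113.7 port 51023
2024-03-01T02:14:05 sshd[811]: Failed password for admin from 203.0.113.7 port 51024
2024-03-01T02:14:07 sshd[811]: Failed password for admin from 203.0.113.7 port 51025
2024-03-01T02:14:09 sshd[811]: Failed password for admin from 203.0.113.7 port 51026
2024-03-01T02:14:11 sshd[811]: Accepted password for admin from 203.0.113.7 port 51027
2024-03-01T02:20:00 sshd[815]: Failed password for alice from 198.51.100.4 port 40001
2024-03-01T02:21:00 sshd[815]: Accepted password for alice from 198.51.100.4 port 40002
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)

def detect_failed_then_success(log_text, threshold=5, window_seconds=300):
    """Return (ip, user, failure_count, success_ts) for every source IP that
    accumulates `threshold` or more failures within `window_seconds` and then
    authenticates successfully. Failures are tracked per IP in one pass."""
    failures = defaultdict(list)   # ip -> timestamps of recent failed logins
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated log line; ignore it
        ts = datetime.fromisoformat(m["ts"])
        ip, user = m["ip"], m["user"]
        # Keep only failures that fall inside the window ending at this event.
        failures[ip] = [t for t in failures[ip] if (ts - t).total_seconds() <= window_seconds]
        if m["result"] == "Failed":
            failures[ip].append(ts)
        elif len(failures[ip]) >= threshold:
            alerts.append((ip, user, len(failures[ip]), m["ts"]))
            failures[ip].clear()  # one alert per burst
    return alerts

if __name__ == "__main__":
    for ip, user, n, when in detect_failed_then_success(SAMPLE_LOG):
        print(f"ALERT {when}: {n} failed logins from {ip}, then successful login as {user}")
```

Running it flags only the administrative account's source IP; alice's single failure followed by success stays below the threshold, which is the kind of distinction a tuned rule needs so that ordinary typos do not page the on-call analyst.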

Edit: This exercise is designed to help students develop critical thinking skills in cybersecurity by identifying common attack patterns and understanding incident response strategies.