BREACH
BREACH stands for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext. It is a type of cyber attack that targets the encryption of websites that use HTTPS.
Let me explain HTTPS first. When you visit a website that starts with “https://” instead of “http://”, it means that the website has an SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificate. This certificate encrypts the data sent between your browser and the website, making it more secure from hackers.
However, in a BREACH attack, hackers can find a way to get around this encryption by using a technique known as “adaptive compression.” This involves sending multiple requests to the target website, each time with a small amount of data. With each request, the attacker measures the size of the compressed response to see if it contains any sensitive information.
If the compressed response is smaller than expected, it means that the attacker has found a piece of sensitive information. By repeating this process multiple times, the attacker can piece together enough information to eventually get access to the website’s sensitive data.
To prevent BREACH attacks, website owners can implement countermeasures such as disabling HTTP compression, randomizing the length of responses, and more.