The individual completed successfully a Cyber Range campaign focused on sensitive data exposure including passwords, session tokens, credit card data to private health data and more. A few examples would include data that someone inadvertently uploaded somewhere, weak crypto that means an attacker would be able to read the data if they successfully compromised the target, or the lack of headers that prevent browser caching.