No, I still disagree. An attacker could compromise the backup system, or access the file system and duplicate the database at the file level, or just steal a disk. Both Oracle and Microsoft SQL Server support transparent disk encryption to protect against precisely this type of attack.
> If you're a defender, I would go further and say you must assume it.
The assumptions you make when reacting to a known compromise are wildly different than what access an attacker actually has and what they might be able to do.
> If you're a defender, I would go further and say you must assume it.
The assumptions you make when reacting to a known compromise are wildly different than what access an attacker actually has and what they might be able to do.