The technique, spotted by IBM's Managed Security Services researchers, involves miscreants breaking into a corp's servers, typically using a SQL injection attack against a website.
The intruders investigate the infiltrated servers for valuable information and stick it all in a cloud storage account.
Web server logs are an excellent source of information on this, he said, as well as running forensic scans on machines.
You'll just have to hope that the information stays private; if people's personal data is leaked, you should declare that, anyway.
Of course, the most obvious tactic is to harden up your defenses before these scammers strike.
But that's been the security industry's advice for the past 30 years and that doesn t seem to have sunk in yet.