PII is any data that an organisation or individual can utilise to identify a specific individual. Examples of personally identifiable data include the subject’s full name, bank details, email address, passport number, driving license number and national insurance number. Within cybersecurity, PII is discussed in the context of identity theft and data breaches. As such, organisations that experience a data breach have a significant concern in that the PII is exposed. Cyber-criminals can target and use any vulnerable PII to perpetrate cyber crimes. PII also includes any information that organisations can use to identify a specific individual in combination with additional data elements (indirect identification).