Comment Somewhat Related (Score 2) 320
Say you work for company, which gets compromised and data is exfiltrated out of the network to a known source (the attacker used scp so the ip address, username and password are left within bash history or some other bash log). You find it within minutes or before the scp is completed. How do people feel about logging into the machine the data is being exfiltrated to and erasing it from the remote server?
Even if the 3rd party box is one they popped and not the attackers true machine, your not damaging the machine, network, etc., you are just removing 'unauthorized data' (granted, it may be a very fine line).