==== Modification of application data

Applications may rely on data that cannot be distributed with the application
code. This may be due to the size of the data, or because the data is regularly
updated. This data is downloaded by the application as it is needed.

If an attacker can gain access to an authentication secret, they may be able to
alter or delete this application data. This may cause parts of the application
to misbehave or stop working. Maliciously altered data could also contain
undesirable content which results in reputational damage.