Data Hoarding is when an employee for example is downloading unusual amount of data from internal servers which can be useless or not but can be a security risk in order to prepare exfiltration data.May be there is malicious intention, for example the employee is leaving the company on good terms for a competitor or in bad terms, or the privacy data can be an interesting source to gain money.
Data Exfiltration is when an employee is trying to upload unusuals amount data to en external server or external backup services to malciously exfiltrating corporate data.
Data Exfiltration can be mitigated using Data Loss Prevention feature available on many security products like Cisco ESA, WSA or Cisco Umbrella.
Data Hoarding is difficult to detect, since the traffic is inside your corporate network. Here comes the solution of in depth monitoring to detect insider threats like data Hoarding. To accomplish this, organizations need visibility solution like Cisco Secure Network Analytics to track east-west traffic and lateral movement of internal users to detect and alert for any unauthorized access with stolen credentials from employees that do not have the rights to access your sensitive and privacy data or authorized employee with unusual amount of downloaded data.