Privacy budget attacks exploit the mechanism of a privacy budget in differential privacy systems. An adversary conducts a series of operations that manipulate the system's tracking of the privacy budget. For example, an attacker might attempt to exhaust the privacy budget prematurely by triggering high-cost privacy operations when sensitive data is encountered. This type of attack uses the system's response—either completing or denying a query based on the remaining budget—as a way to infer private information about the database contents.