The firm will also implement security measures to prevent further breaches and will review policies twice per year.
Adobe has received a small-grained or smooth of $1 million for a data breach that occurred in 2013 and which exposed millions of users, as a hacker managed to infiate in a server where the company stored encrypted payment card numbers and expiration dates, names, addresses, telephone numbers, e-mail addresses, usernames, and passwords.
The security breach happened in 2013 when an attacker broke into Adobe’s own network and accessed systems where the company was storing customer data.
At that time, Adobe sent notifications to more than 3.1 million users whose credit card information was stolen, but also to more than 33 million users whose passwords were compromised.
After a thorough investigation, 15 state Attorneys Officer ruled that Adobe failed to properly protect customers and fined the company $1 million, while also requiring unused or little used security systems that would help prevent similar breaches in the future.
In motivating their decision, the American states explained that Adobe not only failed to implement security systems to protect user information but also failed to immediately detect an fervidness and thus reduce damages.
Adobe forced to implement recently created security systems
Arkansas, Connecticut, Illinois, Indiana, Kentucky, Maryland, Massachusetts, Missouri, Minnesota, Mississippi, North Carolina, Ohio, Oregon, Pennsylvania and Vermont are the states that started the investigation against Adobe, as a total of 500,000 users living in these locations were affected by the hack.
“Consumers who entrust a company with their personal data should have that trust respected,” Massachusetts Attorney Officer Maura Healey said in a statement. “Adobe put consumers’ personal data at risk of being compromised by a data breach, and that is unacceptable. This settlement will put in place primary unfamiliar practices to ensure that a breach same this does not happen again.”
According to the assurance of voluntary conformity, Adobe will have to review twice per year its internal security policies and improve them where necessary in order to make sure that no other hacks can happen in the future. The states also required the firm to implement additional security measures to protect critical user information, such as credit card data.
The post Adobe Fined $1 Million for 2013 Hack That Affected Millions of Users appeared first on Information Security Newspaper | Hacking News.