In the latest of a seemingly never-ending string of data breaches, the software company Adobe recently announced that it has suffered a data breach which may have exposed nearly 3 million customers' sensitive information.
This breach, like so many others, should serve as yet another reminder of the need for organizations to adopt high-end data protection tools, such as secure file transfer solutions, as well as develop strategies and policies which reduce the risk of data exposure.
A serious breach
Brad Arkin, chief security officer at Adobe, revealed that the company had conducted an investigation and discovered that cyberattackers had gained access to Adobe customer IDs and passwords. And that was not all.
"We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders," Arkin stated.
Arkin added that Adobe is working with external partners and law enforcement agencies in an effort to minimize the damage from the incident and pursue those responsible.
Additionally, Adobe will offer affected customers a complementary year of credit monitoring membership.
As Mashable noted, Adobe's efforts to encrypt sensitive customer data likely will keep this information protected despite the theft, thereby preventing these clients from being affected by identity theft or fraud. However, this is far from guaranteed, as the exact nature of Adobe's security measures is not currently known.
Ultimately, though, there is no question that this breach will have put millions of Adobe customers at risk. And while the exact nature of the cyberattack is not yet known, it is also almost certainly true that the breach itself could have been prevented.
This is because virtually all data breaches are preventable. They occur because of oversights or mistakes on the part of companies that have not made protecting their sensitive data resources a sufficiently high priority.
Both tools and strategies are necessary for firms to truly protect themselves from cyber threats. In the former category, secure file transfer solutions should be seen as vital. These resources enable employees to send and receive information without increasing the risk of exposure, even when those files venture beyond the corporate firewall.
Best practices are also essential. Employees should be trained to avoid risky websites and emails, and to always utilize whatever security tools have been made available to them.