November 16, 2016
Adobe has received a fine of $1 million for a data breach that occurred in 2013 and which exposed millions of users, as a hacker managed to infiltrate in a server where the company stored encrypted payment card numbers and expiration dates, names, addresses, telephone numbers, e-mail addresses, usernames, and passwords.
The security breach happened in 2013 when an attacker broke into Adobe’s own network and accessed systems where the company was storing customer data.
At that time, Adobe sent notifications to more than 3.1 million users whose credit card information was stolen, but also to more than 33 million users whose passwords were compromised.
After a thorough investigation, 15 state Attorneys General ruled that Adobe failed to properly protect customers and fined the company $1 million, while also requiring new security systems that would help prevent similar breaches in the future.
In motivating their decision, the American states explained that Adobe not only failed to implement security systems to protect user information but also failed to immediately detect an attack and thus reduce damages.