Does a skeleton key have any place in cybersecurity?
This might seem like an obvious answer to some, but you’d be surprised by the corporate giants who couldn’t figure this out.
In 2013, Adobe suffered a cyber attack that was made much, MUCH worse by the fact that they had encrypted all passwords using the same encryption key.
This rendered encrypted content insecure and resulted in a problem that was exponentially worse than initially reported.
By the time all was said and done, Adobe’s data leak affected over 20 times more users than they first believed, and led to a million-dollar lawsuit over consumer protection practices.
With nearly 150 million users’ information exposed, it highlighted an interesting intersection of a corporation and its consumers both struggling with their security oversights.
Adobe knew about its encryption vulnerability but did nothing to further protect passwords at the time.
And similarly, many users who experienced problems with accounts outside of Adobe faced these issues because they hadn’t followed best practices and were using the same password in multiple places.
(Something nearly all of us have been guilty of before.)
The should’ve-would’ve-could’ve game will only get you so far once you?re faced with a data breach, but you can get ahead of your problems with smart solutions for your company straight from my newsletter here: www.mardatadvisors.com/risk
If you’ve got a cybersecurity issue on your plate, this is no time to panic!
#StayEmpowered #StayInformed and #StartToday