Homework answers / question archive / In the first milestone, you identified a recent security incident that took place

In the first milestone, you identified a recent security incident that took place

Computer Science

Share With

---

In the first milestone, you identified a recent security incident that took place. There were multiple incidents that were chosen such as Target, OPM, Equifax, Home Depot, and so many more. 

In the second milestone, you will access the administrative, physical, and technical controls of the particular company then determine which one of these administrative, physical, and technical controls were not secure and led to the security incident. 

Guidelines for Submission: Your paper must have a title and reference page, be submitted as a two page Word document with double spacing, 12-point Times New Roman font, one-inch margins, and at least three sources cited in APA format.  As a reminder, every assignment goes through a plagiarism checker so follow all the guidelines that we have discussed as you read your articles, books, etc. and summarize the author's thoughts. 
 

ARBONNE MLM DATA BREACH

3

ARBONNE MLM DATA BREACH

 

 

 

Arbonne MLM Data Breach

Student’s Name

Course

Instructor

Date

 

 

 

 

 

 

 

 

 

Information breach involves an event where external or unauthorized users fraudulently access data of an organization. Arbonne MLM is an international multilevel marketing company. On April 20th, 2020, there was a breach that exposed personal information and user passwords. In the evening of this day, Arbonne realized there was unusual activity within some of its internal systems, according to the letter filed with the office of Attorney general in California (Gatlan, 2020). After the investigation, the company identified a data table with personal information that could have been accessible to unauthorized individuals. This incident impacted about 3500 residents from California. The company only shared individuals affected in California, but the actual number is still unknown. However, based on the investigations, the company said that the incident did not expose payment or government id information.

While the investigation was still ongoing, all the affected users were forced to reset the passwords. The company security team also notified the users to ensure they all became aware of the incident. This issue s was also reported to the FBI and other relevant regulators to help in the investigation. The actions taken by Arbonne MLM indicate it understands the regulatory requirements and has adequate risk management and response. However, the company should develop an effective breach response strategy and prevention measures to ensure the incidence does not occur in the future. Arbonne MLM should implement innovative technology that will successfully detect and prevent another breach incidence in the future. Building a risk management strategy involves risk assessment and risk treatment (Gladstone et al. 2016). Risk assessment involves determining the network security risks, data, and security risk and the current organization security control. Risk treatment is the actions implemented to remediate vulnerability through different approaches such as risk avoidance, risk management, planning for incidence response, sand incidences management.

References

Gatlan, S. (2020). Arbonne MLM data breach exposes user passwords, personal info. https://www.bleepingcomputer.com/news/security/arbonne-mlm-data-breach-exposes-user-passwords-personal-info/?&web_view=true

Gladstone, P. J. S., Kirby, A. J., Truelove, J. M., Feinzeig, D., Venna, N., & Boyer, S. (2016). U.S. Patent No. 9,438,615. Washington, DC: U.S. Patent and Trademark Office.