In December 2019, Abine, the company in charge of Delete me online privacy protection service, and Blur password manager reported a data breach involving exposure of server files containing users' sensitive information. The company pointed out that the files were left accessible online and contained Blur user's registration details since 2018 (Hernandez, 2016). The exposed information consisted of users' password hints, first name, surname, email address, encrypted blur password, and output encryption process exposure. The breach had affected an estimated 2.4 million Blur users.

The occurrence of a security breach at Abine Company could have been avoided. For instance, Abine Company should have notified its users and faced the negative effect of the data breach on customer loyalty and its brand (Graham, 2017). Moreover, the Abine company should have minimized security breaches by conducting data security evaluations for third party entities, performing regular risk assessments, updating security software, data back up and encryption, ensuring partners and vendors maintain high data protection standards, staff awareness, and training. The Abide Company should ensure that their server software containing its users' files are regularly patched and updated to prevent hackers from exploiting weak spots that expose user data.

Additionally, the company should conduct vulnerability assessments to address and review any new risks and data protection changes. For instance, the company should ensure adequate procedures and policies for employees’ remote access and data storage (Hernandez, 2016). The Abine Company should back up and encrypt personal data contained in workplace computers and laptops. For instance, instead of utilizing backup tapes that can be stolen or lost, the company should back up data to internet remote services such as cloud servers. Furthermore, the company should institute a culture of data security awareness to prevent mistakes leading to security breaches. The company should also utilize a third-party security evaluation to obtain an unbiased review of users' data maintenance.

References

Graham, A. (2017). Five simple ways businesses can avoid a data breach - IT Governance UK Blog. Retrieved 22 January 2021, from https://www.itgovernance.co.uk/blog/five-simple-ways-businesses-can-avoid-a-data-breach

Hernandez, A. (2016). How To Prevent A Security Breach. Retrieved 22 January 2021, from https://www.lawtechnologytoday.org/2016/07/how-to-prevent-a-security-breach/