assignment

profileravitej01
ArbonneMLMDataBreach.edited.docx

ARBONNE MLM DATA BREACH

3

ARBONNE MLM DATA BREACH

Arbonne MLM Data Breach

Student’s Name

Course

Instructor

Date

Information breach involves an event where external or unauthorized users fraudulently access data of an organization. Arbonne MLM is an international multilevel marketing company. On April 20th, 2020, there was a breach that exposed personal information and user passwords. In the evening of this day, Arbonne realized there was unusual activity within some of its internal systems, according to the letter filed with the office of Attorney general in California (Gatlan, 2020). After the investigation, the company identified a data table with personal information that could have been accessible to unauthorized individuals. This incident impacted about 3500 residents from California. The company only shared individuals affected in California, but the actual number is still unknown. However, based on the investigations, the company said that the incident did not expose payment or government id information.

While the investigation was still ongoing, all the affected users were forced to reset the passwords. The company security team also notified the users to ensure they all became aware of the incident. This issue s was also reported to the FBI and other relevant regulators to help in the investigation. The actions taken by Arbonne MLM indicate it understands the regulatory requirements and has adequate risk management and response. However, the company should develop an effective breach response strategy and prevention measures to ensure the incidence does not occur in the future. Arbonne MLM should implement innovative technology that will successfully detect and prevent another breach incidence in the future. Building a risk management strategy involves risk assessment and risk treatment (Gladstone et al. 2016). Risk assessment involves determining the network security risks, data, and security risk and the current organization security control. Risk treatment is the actions implemented to remediate vulnerability through different approaches such as risk avoidance, risk management, planning for incidence response, sand incidences management.

References

Gatlan, S. (2020). Arbonne MLM data breach exposes user passwords, personal info. https://www.bleepingcomputer.com/news/security/arbonne-mlm-data-breach-exposes-user-passwords-personal-info/?&web_view=true

Gladstone, P. J. S., Kirby, A. J., Truelove, J. M., Feinzeig, D., Venna, N., & Boyer, S. (2016). U.S. Patent No. 9,438,615. Washington, DC: U.S. Patent and Trademark Office.