More than 500,000 consumers affected by hack

Security Button on Computer Screen / Adobe Will Pay One Million Dollars Due to Data Breach and Bolster Security
Image: Pixabay
November 15, 2016

A 2013 data breach that might have compromised credit card numbers and contact information for more than 500,000 consumers will cost Adobe $1 million, stated North Carolina Attorney General Roy Cooper.

More than 50,000 North Carolinians were affected by the hack.

"Criminals and hackers are after our personal financial data and businesses and government must do more to protect it," Cooper said. "If a data breach may have put your information at risk, act fast to protect it."

Under the terms of a multistate agreement, Adobe is to pay $1 million to 15 states, including North Carolina, as well as to put new policies and practices into effect in order to prevent similar breaches from occurring in the future. North Carolina's share of this settlement totals $71,186.75.

The agreement resolves an investigation into the hack of certain Adobe servers, including servers that contained personal information for roughly 552,000 consumers across 15 states. In all, there were 52,734 North Carolinians affected by the hack.

Adobe first discovered an attempt to steal consumers' payment information kept on one of its servers in September 2013. The hacker stole customers' encrypted credit card numbers and expiration dates, names, addresses, telephone numbers, e-mail addresses, usernames, and other information.

Together with the other states participating in the investigation, North Carolina claimed that the company did not take reasonable security measures in order to protect its systems from attack or have adequate measures in place for detecting an attack right away.

The other states participating include Arkansas, Connecticut, Illinois, Indiana, Kentucky, Maryland, Massachusetts, Missouri, Minnesota, Mississippi, Ohio, Oregon, Pennsylvania, and Vermont.

State law requires North Carolina businesses and state and government agencies to notify consumers when their personal financial information may have been compromised by a security breach. In addition, they also have to report the hacks to the North Carolina Attorney General's Office.

Since the law went into effect in 2005, there have been more than 3,700 such breaches reported that affected almost 10 million North Carolina residents. This number includes the 677 hacks reported in 2016 to date.