Computer Security Report: MyFitnessPal Data Breach and Its Impact
VerifiedAdded on  2023/05/31
|16
|4212
|257
Report
AI Summary
This security audit report focuses on the MyFitnessPal data breach, which compromised the data of over 150 million users. It begins with an introduction to the organization and its services, followed by a detailed background of the company and the services affected. The report delves into the technical aspects of the attack, including the SHA-1 hashing technique and phishing methods used by cybercriminals. It explores how the threat compromised the application, impacting user data such as email addresses and passwords, and the subsequent decline in the company's reputation. The report also provides a research discussion on the topic, examining the impact of data breaches on business organizations and potential preventive measures. The report concludes with an overview of the incident and its implications, emphasizing the importance of robust security protocols to safeguard user data and maintain business integrity.
Running Head: COMPUTER SECURITY
Computer Security
Name of the Student
Name of the University
Author Note
Computer Security
Name of the Student
Name of the University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1COMPUTER SECURITY
Executive Summary
The foremost determination of the security audit paper is to focus on the security audit data
breach of the My Fitness Pal which exposed millions of records. The audit paper will be
focussing on the impact of the data breach which had a direct impact on the reputation of this
organization.
The audit paper will be stating with the introduction of the organizations and its services
provided to the clients. The background of the organization will be stated in this paper with
prime importance. The services which were affected due to the data breach will be discussed
in this paper. The audit paper will also be highlighting the technical background of the
technology which is used in the attack. The reason behind this data breach act will also be
focused in this paper. At the same time, this paper will be concentrating on how the data
breach impacted the application of this business organization. The research topics unit of this
paper will be helping the readers of this to have an idea about these kinds of data breaching
activities over the years.
Executive Summary
The foremost determination of the security audit paper is to focus on the security audit data
breach of the My Fitness Pal which exposed millions of records. The audit paper will be
focussing on the impact of the data breach which had a direct impact on the reputation of this
organization.
The audit paper will be stating with the introduction of the organizations and its services
provided to the clients. The background of the organization will be stated in this paper with
prime importance. The services which were affected due to the data breach will be discussed
in this paper. The audit paper will also be highlighting the technical background of the
technology which is used in the attack. The reason behind this data breach act will also be
focused in this paper. At the same time, this paper will be concentrating on how the data
breach impacted the application of this business organization. The research topics unit of this
paper will be helping the readers of this to have an idea about these kinds of data breaching
activities over the years.
2COMPUTER SECURITY
Table of Contents
Introduction................................................................................................................................3
Background of the organization.................................................................................................3
Technical background of the technology used in the attack......................................................4
How the threat actually compromised the app...........................................................................6
Research discussion based on the topic.....................................................................................7
Preventive measures of the attack..............................................................................................9
Conclusion................................................................................................................................10
Reference..................................................................................................................................12
Table of Contents
Introduction................................................................................................................................3
Background of the organization.................................................................................................3
Technical background of the technology used in the attack......................................................4
How the threat actually compromised the app...........................................................................6
Research discussion based on the topic.....................................................................................7
Preventive measures of the attack..............................................................................................9
Conclusion................................................................................................................................10
Reference..................................................................................................................................12
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3COMPUTER SECURITY
Introduction
The foremost determination of this security audit paper is to focus on the data breach
in the My Fitness Pal accounts in February 2018, which had a negative impact on more than
150 million users of their services. The user accounts, email address and the hashed
passwords were decoded by the cyber criminals. The shares of the subsidiary organization
Under Armor dropped 3.8 percent after this cyber security issue. The payment information of
the clients of this organization was saved from the cyber criminals (Bui, 2016). The security
of the data of the clients of this business organization was compromised during this attack.
The professional perspective of the cybercriminals is under hammer after this famous attack.
The sportswear brand Under Armor bought the global fitness organization in the year 2015
for $475 million USD. In the year 2015, My Fitness Pal had about 80 million users all over
the world. The agonistic approach to the application helped the fitness organization to grow
and increase their business circle. The different services which were compromised during the
famous data breach act were the exercise related activities and the calorie tracking segments
(Chang & Ramachandran, 2016). The security steps which are adopted by this organization
after knowing about the data breach was not enough to contain this situation as the newly
created hash words were not enough to contain the situation.
Background of the organization
Founded in the year 1996 by Kevin Plank, this American business organization
manufactures footwear, sports and casual apparel. Kevin Plank was the caption of the football
team University of Maryland. The organization was facing severe crisis last year due to the
inefficient operational strategies. The increased amount of good sold in the online portals was
one of the main reasons behind their downfall. The current estimated worth of this business
organization is around $14 billion USD (MyFitnessPal, 2018). The external threats coming
Introduction
The foremost determination of this security audit paper is to focus on the data breach
in the My Fitness Pal accounts in February 2018, which had a negative impact on more than
150 million users of their services. The user accounts, email address and the hashed
passwords were decoded by the cyber criminals. The shares of the subsidiary organization
Under Armor dropped 3.8 percent after this cyber security issue. The payment information of
the clients of this organization was saved from the cyber criminals (Bui, 2016). The security
of the data of the clients of this business organization was compromised during this attack.
The professional perspective of the cybercriminals is under hammer after this famous attack.
The sportswear brand Under Armor bought the global fitness organization in the year 2015
for $475 million USD. In the year 2015, My Fitness Pal had about 80 million users all over
the world. The agonistic approach to the application helped the fitness organization to grow
and increase their business circle. The different services which were compromised during the
famous data breach act were the exercise related activities and the calorie tracking segments
(Chang & Ramachandran, 2016). The security steps which are adopted by this organization
after knowing about the data breach was not enough to contain this situation as the newly
created hash words were not enough to contain the situation.
Background of the organization
Founded in the year 1996 by Kevin Plank, this American business organization
manufactures footwear, sports and casual apparel. Kevin Plank was the caption of the football
team University of Maryland. The organization was facing severe crisis last year due to the
inefficient operational strategies. The increased amount of good sold in the online portals was
one of the main reasons behind their downfall. The current estimated worth of this business
organization is around $14 billion USD (MyFitnessPal, 2018). The external threats coming
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4COMPUTER SECURITY
from the rival organizations were very much negative for this business organization. This
business organization have their branches all over the world such as New York City,
Shanghai, Jakarta City and San Francisco. The products of this corporation includes the
sports shoes, sports based garments and sports based products such as the protective gear,
gloves and the jackets.
My Fitness Pal is a subsidiary organization of the Under Armor organization. Stakes
of this organization were bought in the year 2015 for $475 million USD. This is an
application found in most smart phones. They provide a variety of services to their clients all
over the world. The activity of the calorific intake is considered in this website which can
help its clients to lead a healthier life cycle. The nutrients of the user’s goals are focused in
their applications. More than 5 million nutritional foods are recommended by this application
which can help them to specify and look in to the individual requirements of the clients
(Dahabiyeh, 2015). The various items of this organization can be accessed with the help of
the barcodes after the clients pay their amount to the company. There are different types of
payment methods in the portals of the My Fitness Pal. More than 50 different devices of the
clients are handled by this organization providing them with a detailed health plan. This
organization also uses the Garmin wearable devices. The calorie awareness, maintenance and
the variety in nutritional food items are the primary aspects of this business organization
(Dhasarathan, Thirumal & Ponnurangam, 2015). There are different types of subscription
modules in this organization which makes it easier for the clients to deal with issues
according to their needs and requirements.
Technical background of the technology used in the attack
The data breach which occurred in the year 2018 in the My Fitness Pal is one of the
biggest cyber security issue in the world (Erkin et al., 2013). The user’s friendly codes which
from the rival organizations were very much negative for this business organization. This
business organization have their branches all over the world such as New York City,
Shanghai, Jakarta City and San Francisco. The products of this corporation includes the
sports shoes, sports based garments and sports based products such as the protective gear,
gloves and the jackets.
My Fitness Pal is a subsidiary organization of the Under Armor organization. Stakes
of this organization were bought in the year 2015 for $475 million USD. This is an
application found in most smart phones. They provide a variety of services to their clients all
over the world. The activity of the calorific intake is considered in this website which can
help its clients to lead a healthier life cycle. The nutrients of the user’s goals are focused in
their applications. More than 5 million nutritional foods are recommended by this application
which can help them to specify and look in to the individual requirements of the clients
(Dahabiyeh, 2015). The various items of this organization can be accessed with the help of
the barcodes after the clients pay their amount to the company. There are different types of
payment methods in the portals of the My Fitness Pal. More than 50 different devices of the
clients are handled by this organization providing them with a detailed health plan. This
organization also uses the Garmin wearable devices. The calorie awareness, maintenance and
the variety in nutritional food items are the primary aspects of this business organization
(Dhasarathan, Thirumal & Ponnurangam, 2015). There are different types of subscription
modules in this organization which makes it easier for the clients to deal with issues
according to their needs and requirements.
Technical background of the technology used in the attack
The data breach which occurred in the year 2018 in the My Fitness Pal is one of the
biggest cyber security issue in the world (Erkin et al., 2013). The user’s friendly codes which
5COMPUTER SECURITY
were actively used for hampering the data integrity of this business organization is the SHA-1
hashing technique. It had no impact on the license numbers of the drivers and the social
security numbers. The source of the data is infiltrated by the cybercriminals due to the
inefficient general data protection regulation requirements of this business organization.
Millions of data of this organization were hacked with the help of this technique (Faruki et
al., 2013). The sensitive information’s associated with the data of the clients of this business
organization are compromised with the help of the discussed technique. The network security
protocols were bypassed by the cyber criminals. The cyber criminals used the social
engineering techniques to understanding the networking protocols of My Fitness Pal. The
spear phishing emails were sent to the clients of this organization and when they downloaded
the attachment associated to the mail their fitness accounts were under the control of the
cybercriminals. These technologies are generally used in many other famous data breaching
activities such as the Joker Stash which impacted around 5 million users and the fitness
application Pump Up which impacted around 6 million users. These technologies are very
much impactful for the data breaching activities.
The trust worthy entities are hacked with the help of the phishing emails. Their
phishing emails are carried out with the help of the instant messaging techniques and the
email spoofing. The users of this business organization were directed to a different website
under the same name and made to enter their personal details (Holt, 2013). The clients of this
fitness organization are deceived by the strategies adopted by the cyber criminals but their
operational strategies were dependent on the phishing emails only. There are different types
of phishing emails which are dedicatedly used by the cyber criminals in this scenario which is
the manipulation of the links. This type of deception can be termed as the technical
deception. This technology is designed to make a link in the email and in the attachment unit
of the emails (Kamoun & Nicho, 2014). The spoof website is attached to it the link which is
were actively used for hampering the data integrity of this business organization is the SHA-1
hashing technique. It had no impact on the license numbers of the drivers and the social
security numbers. The source of the data is infiltrated by the cybercriminals due to the
inefficient general data protection regulation requirements of this business organization.
Millions of data of this organization were hacked with the help of this technique (Faruki et
al., 2013). The sensitive information’s associated with the data of the clients of this business
organization are compromised with the help of the discussed technique. The network security
protocols were bypassed by the cyber criminals. The cyber criminals used the social
engineering techniques to understanding the networking protocols of My Fitness Pal. The
spear phishing emails were sent to the clients of this organization and when they downloaded
the attachment associated to the mail their fitness accounts were under the control of the
cybercriminals. These technologies are generally used in many other famous data breaching
activities such as the Joker Stash which impacted around 5 million users and the fitness
application Pump Up which impacted around 6 million users. These technologies are very
much impactful for the data breaching activities.
The trust worthy entities are hacked with the help of the phishing emails. Their
phishing emails are carried out with the help of the instant messaging techniques and the
email spoofing. The users of this business organization were directed to a different website
under the same name and made to enter their personal details (Holt, 2013). The clients of this
fitness organization are deceived by the strategies adopted by the cyber criminals but their
operational strategies were dependent on the phishing emails only. There are different types
of phishing emails which are dedicatedly used by the cyber criminals in this scenario which is
the manipulation of the links. This type of deception can be termed as the technical
deception. This technology is designed to make a link in the email and in the attachment unit
of the emails (Kamoun & Nicho, 2014). The spoof website is attached to it the link which is
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6COMPUTER SECURITY
the exact copy of the My Fitness Pal application which is the main reason behind deceiving
such a huge number of clients all over the world. The spoof website has misspelt URL’s
which were overlooked by the clients as they thought that it was the original website. The
sources codes of the spoof website are customized entirely by the criminals according to their
needs and requirements. The reliability of the data was compromised with the help of this
technology (Hyman, 2013). A huge amount of money and personal information were used by
the cybercriminals for their personal benefits. The data which was extracted from the account
of the user can be used in different illegal activities or even in the terrorist activities which
can be a source of concern considering the social issues. The prime intentions of the attackers
were to extract a huge amount of personal details as this organization have their clients all
over the world. The amount of success the cyber criminals had over the years in different
business organizations has led to this attack.
How the threat actually compromised the app
The threat coming from the phishing email compromised the integrity of this fitness
application. The personal details of the clients of this business organization such as the
residential address, email addresses, user’s names, hash-enabled alphanumeric passwords.
The clients of this business organization were very much reliable due to the impressive
strategies but were bluffed this time around due to the impressive strategy adopted by the
cyber criminals. The data was stolen from the original portal of thus fitness organization
(Loader & Thomas, 2013). The passwords were changes from the hash functions to the string
like characters which was not noticed by the internal stakeholders of this business
organization. The working principals of the hash function worked positively for the cyber
criminals as they turned the long passwords into cryptographic hashes which are very much
difficult to reverse. The attackers included intense source codes while encrypting the file.
Multiple rounds of complication were performed by the cyber criminals implemented their
the exact copy of the My Fitness Pal application which is the main reason behind deceiving
such a huge number of clients all over the world. The spoof website has misspelt URL’s
which were overlooked by the clients as they thought that it was the original website. The
sources codes of the spoof website are customized entirely by the criminals according to their
needs and requirements. The reliability of the data was compromised with the help of this
technology (Hyman, 2013). A huge amount of money and personal information were used by
the cybercriminals for their personal benefits. The data which was extracted from the account
of the user can be used in different illegal activities or even in the terrorist activities which
can be a source of concern considering the social issues. The prime intentions of the attackers
were to extract a huge amount of personal details as this organization have their clients all
over the world. The amount of success the cyber criminals had over the years in different
business organizations has led to this attack.
How the threat actually compromised the app
The threat coming from the phishing email compromised the integrity of this fitness
application. The personal details of the clients of this business organization such as the
residential address, email addresses, user’s names, hash-enabled alphanumeric passwords.
The clients of this business organization were very much reliable due to the impressive
strategies but were bluffed this time around due to the impressive strategy adopted by the
cyber criminals. The data was stolen from the original portal of thus fitness organization
(Loader & Thomas, 2013). The passwords were changes from the hash functions to the string
like characters which was not noticed by the internal stakeholders of this business
organization. The working principals of the hash function worked positively for the cyber
criminals as they turned the long passwords into cryptographic hashes which are very much
difficult to reverse. The attackers included intense source codes while encrypting the file.
Multiple rounds of complication were performed by the cyber criminals implemented their
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7COMPUTER SECURITY
strategies. All the data available in the application was compromised due to this data
breaching threat.
The non-financial aspects of the application were affected due to the attack. This
business organization stores the payment information in a more secure environment which is
the main reason why the financial benefits was not achieved to the cyber criminals. The threat
altered the data of the clients which was against the professional ethics considering the
growth and development of the organization. The account information was altered an impact
of the threat (Martin, Borah & Palmatier, 2017). The health plans were altered to a significant
extent. The exercise is modified and the clients had a negative impact due to this data
breaching activity. The blogs associated with the food were deleted or modified. Mapping
activities were very much impacted due to the threats. Calories could not be tracked during
the attack and the log activities of the clients cannot be checked by the super admins of this
portal.
Research discussion based on the topic
This paper helps in understanding the various impacts of the data breach on a business
organization. The aspects associated with the famous data breach of My Fitness Pal is stated
here, this unit of the paper will focus on the different opinions of the authors about the
mitigation strategies of these cyber-attacks.
As discussed by Vitak et al. (2018), the data breaching activity is a very common
cyber security issues in recent years due to the recent developments of the information
technology department. The extensive growth in this industry has led to these attacks. There
are plenty of emerging technologies which are widely used for the kinds of data security
breaches. The personal fitness data can be reversed using these techniques. The security
measures of every business organization should be updated quite frequently as more and
strategies. All the data available in the application was compromised due to this data
breaching threat.
The non-financial aspects of the application were affected due to the attack. This
business organization stores the payment information in a more secure environment which is
the main reason why the financial benefits was not achieved to the cyber criminals. The threat
altered the data of the clients which was against the professional ethics considering the
growth and development of the organization. The account information was altered an impact
of the threat (Martin, Borah & Palmatier, 2017). The health plans were altered to a significant
extent. The exercise is modified and the clients had a negative impact due to this data
breaching activity. The blogs associated with the food were deleted or modified. Mapping
activities were very much impacted due to the threats. Calories could not be tracked during
the attack and the log activities of the clients cannot be checked by the super admins of this
portal.
Research discussion based on the topic
This paper helps in understanding the various impacts of the data breach on a business
organization. The aspects associated with the famous data breach of My Fitness Pal is stated
here, this unit of the paper will focus on the different opinions of the authors about the
mitigation strategies of these cyber-attacks.
As discussed by Vitak et al. (2018), the data breaching activity is a very common
cyber security issues in recent years due to the recent developments of the information
technology department. The extensive growth in this industry has led to these attacks. There
are plenty of emerging technologies which are widely used for the kinds of data security
breaches. The personal fitness data can be reversed using these techniques. The security
measures of every business organization should be updated quite frequently as more and
8COMPUTER SECURITY
more technologies are used for this purpose. This kinds of data security breaches have the
ability to negatively impact the growth and progress of business organization (Melcherts,
2017). The repair time of these data breaches is also very much on the higher side which a
loss of time and resources for the organization. The confidential data which falls into the
hands of the hackers or the cybercriminals can be altered and modified as needed by the
cyber criminals.
Referring to the other authors it can be said that the data source of every online
business should be kept with huge security measures so that it is very difficult for the hackers
to get access to their accounts (Moore, 2014). All the files should be kept in an encrypted
form as it is a very secure measure considering the privacy and integrity of the data. Thus it
can be said that the security breaches should be solved purposefully in order to achieve the
desired organizational activities.
According to Moens & Roberts, (2017), effective IT governance plan should be the
one of the business objectives on every big and small sized business organizations. The
author of this resource focused on the importance of data security. Both the authors of this
resource considers data as one of the assets for every business organization, so along with
maintaining the financial security of this organization, these business organizations should be
investing more on the security of the data also. The authors of this resource helped the
readers of this document to find a plan which will help them to understand all the possible
risks associated with the integrity of the data.
Referring to the other authors it can be said there are lots of complexities associated
with the identification of the exact IT governance plan as the business situations are changing
every time. The confusion between the IT policies and the IT governance plan should be
solved by the retail industries (Moore, 2014). Different authors have a different opinion about
more technologies are used for this purpose. This kinds of data security breaches have the
ability to negatively impact the growth and progress of business organization (Melcherts,
2017). The repair time of these data breaches is also very much on the higher side which a
loss of time and resources for the organization. The confidential data which falls into the
hands of the hackers or the cybercriminals can be altered and modified as needed by the
cyber criminals.
Referring to the other authors it can be said that the data source of every online
business should be kept with huge security measures so that it is very difficult for the hackers
to get access to their accounts (Moore, 2014). All the files should be kept in an encrypted
form as it is a very secure measure considering the privacy and integrity of the data. Thus it
can be said that the security breaches should be solved purposefully in order to achieve the
desired organizational activities.
According to Moens & Roberts, (2017), effective IT governance plan should be the
one of the business objectives on every big and small sized business organizations. The
author of this resource focused on the importance of data security. Both the authors of this
resource considers data as one of the assets for every business organization, so along with
maintaining the financial security of this organization, these business organizations should be
investing more on the security of the data also. The authors of this resource helped the
readers of this document to find a plan which will help them to understand all the possible
risks associated with the integrity of the data.
Referring to the other authors it can be said there are lots of complexities associated
with the identification of the exact IT governance plan as the business situations are changing
every time. The confusion between the IT policies and the IT governance plan should be
solved by the retail industries (Moore, 2014). Different authors have a different opinion about
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9COMPUTER SECURITY
the implementation of the IT governance plan as it is very important to understand the nature
of work and the work culture before implementing this plan.
It can be also said that the implementation of the IT governance plan can positively
impact the organization considering the security and integrity of the data. Data management
is an important criterion for every business organization and lack of data management skills
can lead to cybercrimes such as the data breaching in the My Fitness Pal fitness organization
(Prakash & Singaravel, 2015). The management team of every business organization such as
the My Fitness Pal organization.
Preventive measures of the attack
The attack of this online fitness organization could have been avoided with the help of
the strategies discussed in the previous unit of this paper. All the networking activities of this
organization should be checked on a regular basis so that the threats coming from the internal
units of the organization should be stopped. The data breaching of this organization can also
be stopped with the help of frequently changing the passwords of the users accounts. All the
data which are transported from one unit of the application to the other unit of the application
should be through an effective medium (Romanosky, Hoffman & Acquisti, 2014). Sharing of
every personal data should be avoided by the clients of this organization as the practice of the
secondary personal emails should be practiced. Awareness is one of the main preventive
measures of these data breaches as the individuals should be aware of the different ways by
which this external threat affects this organization. In this data breach, the cyber criminals
used the concept of phishing emails so all the concerned stakeholders should be aware of
what phishing emails are and are its impact (Yar, 2013). All the other types of techniques
such as the safeguarding the social security numbers, destroying private records or having a
the implementation of the IT governance plan as it is very important to understand the nature
of work and the work culture before implementing this plan.
It can be also said that the implementation of the IT governance plan can positively
impact the organization considering the security and integrity of the data. Data management
is an important criterion for every business organization and lack of data management skills
can lead to cybercrimes such as the data breaching in the My Fitness Pal fitness organization
(Prakash & Singaravel, 2015). The management team of every business organization such as
the My Fitness Pal organization.
Preventive measures of the attack
The attack of this online fitness organization could have been avoided with the help of
the strategies discussed in the previous unit of this paper. All the networking activities of this
organization should be checked on a regular basis so that the threats coming from the internal
units of the organization should be stopped. The data breaching of this organization can also
be stopped with the help of frequently changing the passwords of the users accounts. All the
data which are transported from one unit of the application to the other unit of the application
should be through an effective medium (Romanosky, Hoffman & Acquisti, 2014). Sharing of
every personal data should be avoided by the clients of this organization as the practice of the
secondary personal emails should be practiced. Awareness is one of the main preventive
measures of these data breaches as the individuals should be aware of the different ways by
which this external threat affects this organization. In this data breach, the cyber criminals
used the concept of phishing emails so all the concerned stakeholders should be aware of
what phishing emails are and are its impact (Yar, 2013). All the other types of techniques
such as the safeguarding the social security numbers, destroying private records or having a
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10COMPUTER SECURITY
backup in the private servers can be one of the ways by which the impact of the data
breaching can be reduced.
The clients of this business organization should be restricted to access on all the
unauthorized files which are coming from outside their working environment (Vitak et al.,
2018). Before storing the data in the databases this fitness organization should be shredding
all the files and folders.
The online services which are provided by this fitness organizations should be
reviewed along with that it can also be said that the restriction of the unencrypted devices is
the other form of preventive measure for this business organization. The management team of
this online fitness organization should have been focusing on the automating systems which
have the capability to check the passwords settings of all their clients throughout the world
(Sen & Borle, 2015). The systems which are installed in the working environment of this
organization should be checking the privacy issues of the servers. The privacy and security of
the server rooms should be maintained with the help of IT based systems. The configuration
of the firewall should also be evaluated quite frequently as cyber criminals are also improving
their strategies and technologies for these kinds of cyber security attacks.
The adverse condition faced by this online fitness organization could have been
avoided with the help of the tracking the data which are circulated within the system and also
the data which are circulated outside the business environment of this organization (Xu et al.,
2014). Defining the accessibility to those who are working on the data of this organization
could have been one of the preventive measures considering the data breach of this
organization. The privacy and security training to all the internal and external stakeholders is
one of the other preventive measures of this attack (Stevens et al., 2017). Having a breach
backup in the private servers can be one of the ways by which the impact of the data
breaching can be reduced.
The clients of this business organization should be restricted to access on all the
unauthorized files which are coming from outside their working environment (Vitak et al.,
2018). Before storing the data in the databases this fitness organization should be shredding
all the files and folders.
The online services which are provided by this fitness organizations should be
reviewed along with that it can also be said that the restriction of the unencrypted devices is
the other form of preventive measure for this business organization. The management team of
this online fitness organization should have been focusing on the automating systems which
have the capability to check the passwords settings of all their clients throughout the world
(Sen & Borle, 2015). The systems which are installed in the working environment of this
organization should be checking the privacy issues of the servers. The privacy and security of
the server rooms should be maintained with the help of IT based systems. The configuration
of the firewall should also be evaluated quite frequently as cyber criminals are also improving
their strategies and technologies for these kinds of cyber security attacks.
The adverse condition faced by this online fitness organization could have been
avoided with the help of the tracking the data which are circulated within the system and also
the data which are circulated outside the business environment of this organization (Xu et al.,
2014). Defining the accessibility to those who are working on the data of this organization
could have been one of the preventive measures considering the data breach of this
organization. The privacy and security training to all the internal and external stakeholders is
one of the other preventive measures of this attack (Stevens et al., 2017). Having a breach
11COMPUTER SECURITY
response plan in the standby could also be an effective measure in dealing with the negative
impact of the data breaching in this organization.
Conclusion
From the above security audit paper, it can be concluded that effective IT governance
plan could have been useful for this organization to protect against the data breaching. The
most important characteristics of this famous data breaching act were that it was detected in
the later stages of the attack. The initial detection of this attack in the first place could have
saved millions of users of this fitness organization. The Under Armors took all the necessary
steps to contain this adverse situation by notifying the users about this ethical issue. The
activity of the program which infected the working functionalities of the application is also
considered in this paper. The technical background of the technologies used in the attack is
also mentioned in this document which helps in realizing the importance of the preventive
steps to get rid of such complex business situations. It can be also concluded that the
reputation of this organization could have been saved if this organization focused on their IT
strategy. The paper also focusses on the different opinions of the authors about the
containment of this data breach. The impact of this famous data breach is also understood
with this paper as more than 150 million users were affected by it all over the world. The
paper also highlights the ways by which the attack can be prevented.
response plan in the standby could also be an effective measure in dealing with the negative
impact of the data breaching in this organization.
Conclusion
From the above security audit paper, it can be concluded that effective IT governance
plan could have been useful for this organization to protect against the data breaching. The
most important characteristics of this famous data breaching act were that it was detected in
the later stages of the attack. The initial detection of this attack in the first place could have
saved millions of users of this fitness organization. The Under Armors took all the necessary
steps to contain this adverse situation by notifying the users about this ethical issue. The
activity of the program which infected the working functionalities of the application is also
considered in this paper. The technical background of the technologies used in the attack is
also mentioned in this document which helps in realizing the importance of the preventive
steps to get rid of such complex business situations. It can be also concluded that the
reputation of this organization could have been saved if this organization focused on their IT
strategy. The paper also focusses on the different opinions of the authors about the
containment of this data breach. The impact of this famous data breach is also understood
with this paper as more than 150 million users were affected by it all over the world. The
paper also highlights the ways by which the attack can be prevented.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 16
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.