How Adobe’s 2.9 million hacked users could have beaten the data breach


Written by:

data breach Adobe was just hacked to the tune of 2.9 million customers’ data, including full names, encrypted credit or debit card numbers and their expiration dates, and other customer order information.

Adobe Chief Security Officer Brad Arkin started a blog post about the incident by explaining that “Cyber attacks are one of the unfortunate realities of doing business today.” He’s right. No company, no matter how trusted or established, can guarantee that they won’t lose, abuse, or misuse people’s data. Data breaches happen all the time, and they always will.

But there’s a trick to beating data breaches: don’t give websites real personal information. Consumers using disposable, or masked, info instead won’t be screwed when the inevitable hack happens.

[Were you hacked but aren’t using masked info yet? Check out the 4 things you should do right now to protect yourself.]  

Masked emails, credit cards, and phone numbers work just like their real counterparts by forwarding messages, calls, and charges to a user, but websites never get that person’s true information. And websites can’t lose what they don’t have.

adobe data breach Adobe joins the ranks of a long and growing list of trusted companies that suffered big hacks, including Zappos, LinkedIn, Playstation Network, Zendesk, and Evernote. Consumers’ thought process shouldn’t be, “Will this website get hacked?” Instead, they should be thinking, “What info can I give this site that won’t hurt me when it gets hacked?”

Masked info is a win-win for consumers: you can live your online life like usual, and when (not if) you get hacked, the attackers get disposable info that’s useless to them. They can’t link it to your other accounts because it’s unique.

This premise is the driving force behind MaskMe, a privacy tool we launched in July that gives you easy access to disposable emails, credit cards, and phone numbers. Check it out, and stay one step ahead of the next big data breach.

2 Replies to “How Adobe’s 2.9 million hacked users could have beaten the data breach”

  1. Hey!

    I really like maskme and i’m using it allready a while. I even made a video about it!

    But the one question people generally ask me when I explain maskme to them is: “Yes yes it is very handy, but if hackers are smart they just hack maskme then. Because Maskme holds all the information”.

    So what happens if hackers start to target you guys? Then all the information is free to or?


    • Hey there-

      To sum up my answer to your question, we go out of our way not to collect most customer data in the first place, so we don’t have a lot to hand over if the NSA ever asked us for it. That, or most of what we have is encrypted with the user’s password (which we don’t have), so anything we’d hand over would be garbled, encrypted nonsense to law enforcement.

      Abine is a privacy-by-design company with a simple, understandable privacy policy and a firm stance never to sell user data. DoNotTrackMe does not track any of our users’ web activity. It has no ability to collect data about what sites they visit or any other web behavior. The tool can save their personal settings and preferences, but those are stored locally on the user’s computer. Anyone can view the code under NDA. DNTMe has a 5-star rating in the Chrome extension store and has been downloaded more than 10 million times.

      With MaskMe, all of your accounts, passwords, and other browsing activity is stored locally in an encrypted database that we do not have the ability to decrypt. It’s encrypted using industry standard 256-bit AES encryption. If you choose to use the Sync feature to access your MaskMe data from any device, that means we’re storing that data in an encrypted form on our servers – we can’t read your passwords or see your accounts. You can view this chart to see exactly what data we have and how it’s stored.

      Our software is built entirely around the principle of privacy, which is something individuals can verify themselves by using an app that monitors the requests made for their computer’s information throughout the day, like Live HTTP Headers. DNTMe makes one request per day to the user’s computer for updated tracker blocking rules. It also checks for upgrades to new versions of DNTMe. Any user will be able to see those requests and what they entail. As we say in our privacy policy, there are a few limited pieces of information we get from DNTMe to make sound decisions about the product, but none of it is personally identifiable or sold to third parties.

      The only way we get paid is if our users trust us to be responsible with their personal information. If we mess that up, we risk our entire business model. Our duty is to our customers and their privacy. Period.

      Let me know if you have any other questions, and thanks for your support.

Leave a Reply