Jump to content

Adobe Hacked, 2.9 Million Customer Accounts Compromised


Firefox
 Share

Recommended Posts

Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers. Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related.

Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident. We’re taking the following steps:

•As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.

•We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.

•We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.

•We have contacted federal law enforcement and are assisting in their investigation.

We are also investigating the illegal access to source code of numerous Adobe products. Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident. For more information, please see the blog post here.

We value the trust of our customers. We will work aggressively to prevent these types of events from occurring in the future. Again, we deeply regret any inconvenience this may cause you. If you would like additional information, please refer to Adobe’s Customer Support page.

Brad Arkin

Chief Security Officer

More Info: http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html

Link to post
Share on other sites

  • Root Admin

involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related.

How could they be related?

Some customer information can be located on the Internet facing ordering system but the product source code should be on a very different system and even more secure. Neither should contain any information to assist in hacking either site.

Link to post
Share on other sites

yep ... the source code section should be an entirely separate system .

perhaps the attackers intended a "two front" plan of attack ?

or ... once into the system they got lucky because of an security tech oversight ?

 

 

"Brad Arkin
Ex-Chief Security Officer"

 

CFA

Link to post
Share on other sites

Wow....I got the email last night and I actually checked to see if it was a hoax.  Nope, this was for real.  I only have an account so I can authorize reading apps with Adobe Digital Edition to read ebooks.  They had no other info on me other than my name, email address, and password.  

 

What a huge black eye for Adobe, though, to have such a huge security breach!  

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.