Security Advisor

Adobe Hack Results in Stolen Source Code and Customer Data

Adobe alerted customers on Thursday that a breach by hackers has resulted in the loss of 2.9 million customers' personal data -- including user names, encrypted credit card information and passwords.

"Very recently, Adobe's security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products," wrote Adobe's Chief Security Officer Brad Arkin in an Adobe blog post. "We believe these attacks may be related."

Along with personal customer information, those responsible also accessed Adobe software source code. However, Arkin said he believes this won't lead to any additional security threats.

Earlier in the day, security expert Brian Krebs discussed in his Krebs on Security blog that he and a team with Hold Security had discovered the Adobe  source code leak sometime last week and said more than 40 GB of stolen data  related to Adobe Acrobat and ColdFusion were found on a server connected to a criminal ring specializing in identity theft services.

"In an interview with this publication earlier today, Adobe confirmed that the company believes that hackers accessed a source code repository sometime in mid-August 2013, after breaking into a portion of Adobe's network that handled credit card transactions for customers," wrote Krebs. "Adobe believes the attackers stole credit card and other data on approximately 2.9 million customers, and that the bad guys also accessed an as-yet-undetermined number of user names and passwords that customers use to access various parts of the Adobe customer network."

In response to the attack, Adobe has resetted  the passwords of those customers affected and are urging Adobe users to immediately change any shared passwords used for both Adobe and other Web sites.

As for the stolen financial information, Arkin said the company is currently contacting customers who are affected and are offering a year of a free credit monitoring services and have alerted customer-used financial institutions of the situation.

Featured

  • Performing a Storage Refresh on Windows Server 2016, Part 2

    Earlier, Brien walked through the steps of preparing a physical Windows Server 2016 machine for a storage refresh. Now, he shows how to complete the process, all the way to OS restoration.

  • New Office App Coming to Windows 10 Users

    Microsoft is delivering a new Office app for Windows 10 consumer and business users over the new few weeks, according to a Wednesday announcement.

  • Microsoft Warns .NET Core 1.0 and 1.1 Losing Support in June

    Microsoft gave notice this week that .NET Core 1.0 and 1.1 will fall out of support on June 27, 2019.

  • Microsoft Publishes Windows Deadlines on Upgrading to SHA-2

    Microsoft on Friday described its 2019 timeline for when it will start distrusting Secure Hash Algorithm-1 (SHA-1) in supported Windows systems, as well as in the Windows Server Update Services 3.0 Service Pack 2 management product.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.