Adobe has confirmed that cyber attackers got the best them, with an exploit leading to data on nearly 3 million customers being compromised.
Besides 2.9 million Adobe IDs and passwords being stolen, full customer names, encrypted credit/debit card numbers, and expiration dates were also compromised for many of the customers.
Additionally, "source code for numerous Adobe products" was ... [ read the full article ]
Please read the original article before posting your comments.
Honestly the best security now would be to let your credit card company know to get a new card. Your old data is now rendered useless as there is no telling when the encryption will be broken and it could take past a year before anyone does anything with this information. It's a pain in the ass sure, but it's the best option out there.
Yeah, the 1 year of credit protection is a joke, just a way to cover their asses if somebody wants to sue them for breach of contract.
Id like to know if this was an internal security breach or an external attack on their servers. By the sounds of the source code being stolen and the sheer number of users compromised I would have to say the former is more likely. Surely they would have a way to monitor if 3 million accounts had been accessed from an outside source, and sourcecode should never be in a place accessible outside the company...
Quote:Id like to know if this was an internal security breach or an external attack on their servers. By the sounds of the source code being stolen and the sheer number of users compromised I would have to say the former is more likely. Surely they would have a way to monitor if 3 million accounts had been accessed from an outside source, and sourcecode should never be in a place accessible outside the company...
The exact same thing Sony had to explain back in 2011. Should be interesting to see where it goes now, but the more companies get hacked, the less accountable they appear to have to be.
So according to consumerist adobe has no idea how or where the breach occurred, it was dumb luck that a computer forensic investigator happened to find the 40Gb of source code on a hacking teams server. Apparently the breach occurred some time in the past year before August to which Adobe started investigating in mid-September.
"As for concerns that the exposed source code might open up existing Adobe products to security concerns, the Adobe exec says, ?We are looking at malware analysis and exploring the different digital assets we have. Right now the investigation is really into the trail of breadcrumbs of where the bad guys touched.?"
I hate to say it, but i expected to see this and glad to see it happened to them, and another reason i don't like ad0be. Why? I use to work at M$ and during our security push, we found numerous security bugs in flash and other ad0be products, gave them a list of components and vulnerabilities that were pretty serious security wholes. Ad0be's response at least to the ones i knew about was "We don't need to worry about these security wholes and will not fix them, besides most users shouldn't be affected by them..."
Just wonder if they will continue to have the same careless attitude towards security now?
