Story image

38m Adobe users unaware of major data breach

28 Nov 2013

Ten weeks after admitting 38 million users have been affected by a massive cyber security attack, software giant Adobe has revealed it is taking longer than expected to warn customers of the risks.

After initially reporting the breach on September 17, the company has since failed to notify those affected, increasing the risk of cyber-scams and identify theft.

With a huge stash of stolen Adobe data circulating the Internert, company spokeswoman Heather Edell was at a loss to explain the situation, simply stating: "Email notifications are taking longer than we anticipated."

After previously claiming only three million customer accounts had credit card information stolen, Adobe admitted the figure was ten times worse on October 31, with the company's Chief Security Officer Brad Arkin telling users:

"We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident.”

So far however, little has changed, with a host of security firms within the industry heavily criticising Adobe for the error.

"This is a pretty massive screw-up," said Chester Wisniewski, a senior security advisor at anti-virus software maker Sophos.

"Anybody can go and download the list. It's not a secret."

Social media giant Facebook has also taken action, strongly advising certain users to change their passwords, to minimise the risk.

"Recently, there was a security incident on another website unrelated to Facebook," the warning states.

"Facebook was not directly affected by the incident, but your Facebook account is at risk because you were using the same password in both places.

"To secure your account, you'll need to answer a few questions and change your password.

"For your protected, no one can see you on Facebook until you finish."

Echoing the company's notification, Facebook spokesman Jay Nancarrow told the press: "We actively look for situations where the accounts of people who use Facebook could be at risk, even if the threat is external to our service.

"When we find these situations, we present messages to people to help them secure their accounts."

As reported on Techday.com, following the breach, Adobe told users to take the following steps to stop the attack:

“As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts,” Arkin said at the time.

“If your user ID and password were involved, you will receive an email notification from us with information on how to change your password.

“We also recommend that you change your passwords on any website where you may have used the same user ID and password.

If you would like additional information, please refer to Adobe’s Customer Support page by clicking here

Have you been breached? Tell us your thoughts in the comments below

Yamaha unveils simplified UC deployments
"In this fast-paced world, meeting participants need to be able to feel comfortable and hear those on the far end clearly to brainstorm new ideas and accomplish goals."
French cloud giant sets up shop in two APAC data centres
OVH Infrastructure has expanded its public cloud services in the Asia Pacific (APAC) market operating from two data centres within the region.
Jobs of the future: Will humans outmatch AI co-workers
"Regardless of how the workforce changes, automation, data and algorithms will complement rather than replace human employees."
How IBM’s acquisition of Red Hat could impact your business
The acquisition is pending regulatory approval, but IBM expects the deal to close in the second half of 2019. 
SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Google doubles down on hybrid cloud strategy
CSP is a platform that aims to simplify building, running, and managing services both on-premise and in the cloud.
Why NSP adoption of ECX Fabric is on the rise
ECX Fabric aims to enable networks to streamline their access to the world’s largest cloud providers.
Cloud data warehouse trends and best practices
"TDWI sees a wide range of data-driven IT systems moving to the cloud aggressively, and this includes the data warehouse."