Story image

Adobe admits 38 million users hacked, not 3 million

31 Oct 2013
Twitter
Facebook

Adobe has admitted that 38 million users have been affected by a cyber security attack, after previously claiming only three million were impacted.

The software giant, responsible for programs such as Adobe Photoshop, originally claimed three million customer accounts had credit card information stolen.

But that was October 3, and nearly a month on, the company has revealed the situation more than ten times worse.

Stealing source code to products Photoshop, Acrobat, ColdFusion and ColdFusion Builder, the company's Chief Security Officer Brad Arkin claims "cyber attacks are one of the unfortunate realities of doing business today."

"Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers," Arkin says, in an important security announcement on the company's blog page.

"Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related."

Arkin believes the company's investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on Adobe's systems.

"We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders," he adds. "At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.

"We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident."

As a result of the breach, Arkin told users the company is taking the following steps to stop the attack:

"As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts," Arkin says. "If your user ID and password were involved, you will receive an email notification from us with information on how to change your password.

"We also recommend that you change your passwords on any website where you may have used the same user ID and password.

"We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident.

"If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you.

"Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available."

Arkin says it has notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts, as well as the federal law enforcement and are assisting in their investigation.

"Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident," Arkin concludes.

"We value the trust of our customers. We will work aggressively to prevent these types of events from occurring in the future.

"Again, we deeply regret any inconvenience this may cause you."

If you would like additional information, please refer to Adobe’s Customer Support page by clicking here

Have you been breached? Tell us your thoughts in the comments below

Story image
13 Nov
Motorola APX NEXT brings tech innovation to public safety
With public safety virtual assistant ViQi, APX NEXT helps officers focus on what matters most.More
Story image
Yesterday
Google Cloud acquires CloudSimple
Google Cloud has made another strategic move within the cloud sector after acquiring CloudSimple, a provider of secure, high-performance, dedicated environments that help run VMware workloads in the cloud.More
Story image
14 Nov
Harcourts chooses Nintex to advance business operations
“Nintex Promapp is the perfect process management solution, enabling us to leverage the best-practice knowledge we have captured, allowing for real-time feedback, and helping us to create and maintain a high-performance work environment to the benefit of our team and, ultimately, our customers.”More
Story image
19 Nov
Q&A with Isentia: Knowing your customer base in an ever-changing media environment
How do you make enough noise to let people know who you are, but also build an authentic community and open lines of communication with your audience?More
Story image
19 Nov
Automation Anywhere advances IQ Bot to extend Intelligent Document Processing
“IQ Bot’s latest release further simplifies the automation journey by empowering business users to easily harness AI and machine learning to rapidly automate document-centric processes by themselves."More
Download image
How to design a secure data centre network
When considering data centre security, you will need to decide which security functions need to be deployed and where you want to deploy them.More