Adobe have released a statement announcing that certain information relating to 2.9 million of their customers has been removed from their systems, in an incident that was first discovered back on 17th September 2013. The information that was stolen includes customer names, encrypted credit/debit card numbers, expiration dates, and other information relating to customer orders.
Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.
Adobe are currently in the process of resetting the passwords for customers (mainly Revel and CC) affected by the breach to help prevent unauthorized access to Adobe ID accounts. If you are one of these customers then you will be receiving an email explaining how to reset your password as well as being advised to reset passwords on other websites where you may have used the same username and password. User can use this form to reset their passwords. The company is advising customers to keep an eye on their card transactions after the data breach and have notified banks to be on the look out for suspicious activity on affected cards. For US customers only, Adobe are offering a free one-year complimentary credit monitoring membership.
This will come as a big blow to the company as they have invested heavily in The Cloud recently after the release of their Creative Cloud program, which see all Adobe software being released via download to a desktop client as opposed to the older standalone installations.
In what is thought to be a related but separate incident, the company that is known to most people for their photo editing software Photoshop, has also revealed that the source code to numerous Adobe products has also been stolen. Two of the products thought to have had their Source Code stolen are ColdFusion and Adobe Acrobat. The screen shot below was taken by Brian Krebs, an independent security researcher, who revealed the attacks on his site just prior to the official announcement by Adobe. Krebs became aware of the source code leak after working alongside another security researcher, Alex Holden of Hold Security LLC, who discovered a huge 40GB file of compiled and pre-compiled source code stashed on a server used by the same cyber criminals believed to have hacked into major data brokers earlier this year, including LexisNexis, Dun & Bradstreet and Kroll.
Clients who use the Acrobat Enterprise Toolkit and the ColdFusion packages are being advised to make sure that their software is fully up-to-date. You can find the Cold Fusion Lockdown Guide here and information relating to Acrobat security here.