Adobe Systems has been hacked and as a result critical data from over 2.9 million of its customers has been compromised. This data includes customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.
"Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders," Brad Arkin, Adobe's chief security officer, stated in an online security alert.
Adobe makes the world's leading creative production software including Creative Cloud and Creative Suite which include iconic products such as Photoshop, Dreamweaver, Premiere and Illustrator.
The wholesale pillaging of Adobe's system also included "source code for numerous Adobe products" that was stolen in a separate intrusion that could be related to the theft of customer information. Adobe says that the hackers accessed encrypted credit card and debit card numbers and that they don't believe decrypted information was stolen.
The company said customers whose credit or debit card information was compromised would be offered a year's membership in a credit monitoring service courtesy of Adobe.
"We will work aggressively to prevent these types of events from occurring in the future. Again, we deeply regret any inconvenience this may cause you," Arkin said. This is the largest such hacking occurence in recent history and one targeting one of the largest and most successful software companies.
The attack is a wake up call. Not just for Adobe, who states in their blog page that, "Cyber attacks are one of the unfortunate realities of doing business today." But for any company that's in charge of keeping their customer's personal and financial information safe. For their part, Adobe is doing what they can. While they can't retrieve the stolen data, they've set up the following measures.
- As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
- We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
- We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
- We have contacted federal law enforcement and are assisting in their investigation.
Source: PC World