The details of the breach have not been completely disclosed, but Adobe has said that the user information stolen included user names, encrypted passwords, encrypted credit and debit card information, expiration dates etc. Even if this was all that the thieves took that would be a pretty good haul, but sadly for Adobe it was not. Adobe is also reporting that the uncompiled source code for Cold Fusion, Cold Fusion Builder and Adobe’s Acrobat were taken as well. The source codes is a very big loss as it gives malicious individuals the chance find exploits very quickly without the need to muck around with decompiling completed code.
Right now Adobe is in the process of investigating the attack to prevent future breaches and also to ensure that there is not anything else “missing”. This last part can be a problem simply because information is typically copied off instead of being truly removed. There is also a high probability that the attackers left or tried to leave a way back into the system that Adobe will have to find and remove (in addition to blocking the original exploit used) or they risk losing more user data and their own valuable source code. This last part is the most difficult and we have seen companies miss items and remain open to more attacks and data loss (one company kept missing them for almost 5 years).
Adobe is also responsible for notifying the 2.9 million users that their information has been compromised. They will be sending out emails to inform these people of the fact that their personal data including encrypted credit card information is now in the hands of malicious people. Adobe is going to offer a free, one-year, credit watch service to these people, but let’s face it would you continue to use the same cards even with that protection? Make no mistake; although it was probably not one of their goals, this data theft will have an impact on Creative Cloud sales because of the monthly billing requirements.
We have been able to obtain a copy of the email being sent out to those that are affected shown below:
"We recently discovered that attackers illegally entered our network. The attackers may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account. If you have placed an order with us, information such as your name, encrypted payment card number, and card expiration date also may have been accessed. We do not believe any decrypted card numbers were removed from our systems.
To prevent unauthorized access to your account, we have reset your password. Please visit www.adobe.com/go/passwordreset to create a new password. We recommend that you also change your password on any website where you use the same user ID or password. As always, please be cautious when responding to any email seeking your personal information.
We also recommend that you monitor your account for incidents of fraud and identity theft, including regularly reviewing your account statements and monitoring credit reports. If you discover any suspicious or unusual activity on your account or suspect identity theft or fraud, you should report it immediately to your bank. You will be receiving a letter from us shortly that provides more information on this matter.
We deeply regret any inconvenience this may cause you. We value the trust of our customers and we will work aggressively to prevent these types of events from occurring in the future. If you have questions, you can learn more by visiting our Customer Alert page, which you will find here"
Tell us what you think in our Forum