Adobe Hacked - User Accounts believed to have been Compromised

In an unfortunate turn of events, Adobe, makers of the popular Business Catalyst and Photoshop products, have had their systems compromised by hackers.

According to a blog post by Adobe's Chief Security Officer, Brad Arkin, several million accounts are believed to have been compromised.

Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident.

Some of the information believed to have been compromised include customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. An approximate estimate by Adobe is that 2.9 million accounts have been affected by this hack.

As a reaction to this, Adobe has announced the following courses of action are being taken:

  • As a precaution, they are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from Adobe with information on how to change your password. They are also recommending that you change your passwords on any website where you may have used the same user ID and password.
  • They are in the process of notifying customers whose credit or debit card information they believe to be involved in the incident. If your information was involved, you will receive a notification letter from Adobe with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
  • They have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
  • Theye have contacted federal law enforcement and are assisting in their investigation.

In addition to this particular compromise, they are also investigating the illegal access to source code of numerous Adobe products. For more information, please see the blog post here. If you are concerned or believe your account to be affected, read the post here and take the appropriate actions.