Yeah... about Adobe Cloud and Photoshop and all that...

Yeats

All-Pro
Location
New Jersey, USA
Name
Chris
(Reuters) - Adobe Systems Inc said on Thursday that hackers had stolen source code to some of its most popular software and data about millions of its customers.

Security experts worry about the theft of source code because close review of the programs can lead to the discovery of new flaws that can be used to launch hard-to-detect attacks against all users of that software.

The hackers took source code for Adobe Acrobat, which is used to create electronic documents in the PDF format, as well as ColdFusion and ColdFusion Builder, used to create Internet applications, Adobe said.

Adobe Chief Security Officer Brad Arkin said the company had been investigating the breach since its discovery two weeks ago and that it had no evidence of any attacks based on the theft. "Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident," Arkin wrote on an Adobe blog.

Arkin said hackers also took information on 2.9 million Adobe customers, including their names, user identification numbers and encrypted passwords and payment card numbers. He said the attacks may be related.

The company said it was resetting passwords for affected customers worldwide and warning people to change any passwords reused at other sites. The U.S. Department of Homeland Security's computer incident response team on Thursday warned that Adobe customers should be on the alert for fraud.

Adobe said it was working with banks and federal law enforcement to mitigate intrusions on customer accounts and to pursue those responsible.

The company said it had been helped by cybersecurity journalist Brian Krebs and security expert Alex Holden, who found a cache of Adobe code while probing attacks at three major U.S. data providers.

Krebs wrote on his blog, KrebsonSecurity.com, on Thursday that the two men discovered the code while investigating breaches at Dun & Bradstreet Corp, Altegrity Inc's Kroll Background America Inc and Reed Elsevier's LexisNexis Inc.

He said the Adobe code was on a server that he believed was used by those who hacked into LexisNexis and the others. The hackers offered Social Security numbers, credit report information and other highly sensitive data for sale over the Internet and had access inside the companies' websites through hacked computers, Krebs said.

In a 10-Q filing on Thursday, Adobe referred to the recent attacks in one paragraph. "We do not believe that the attacks will have a material adverse impact on our business or financial results," it said. "It is possible, nevertheless, that this incident could have various adverse effects."

(Reporting by Joseph Menn and Jim Finkle; Editing by Eric Walsh and Carol Bishopric)


http://www.reuters.com/article/2013/10/04/us-adobe-cyberattack-idUSBRE99212Y20131004
 
I would hope that these words never appear all connected again........ "Adobe Chief Security Officer Brad Arkin"

I'm waiting for an email from him although I think I may be alright.
Last week I bought Photoshop Elements 12 from them ( my first ever direct purchase from Adobe ) but I used my Amex Card through PayPal for the transaction.
Never thought that I'd be glad to use PayPal.
 
What it means is there's a chance if you've ever bought anything from adobe, someone might now have your credit card details and adobe site password, albeit in encrypted form .
If however the encryption can be cracked ... Not good news.

My suggestion is to cancel all your cards, never use a computer again and just shoot film
 
What it means is there's a chance if you've ever bought anything from adobe, someone might now have your credit card details and adobe site password, albeit in encrypted form .
If however the encryption can be cracked ... Not good news.

My suggestion is to cancel all your cards, never use a computer again and just shoot film

That's about the size of it.
 
Adobe Chief Security Officer Brad Arkin said the company had been investigating the breach since its discovery two weeks ago and that it had no evidence of any attacks based on the theft. "Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident," Arkin wrote on an Adobe blog.

Considering the security failures with Adobe Cloud, I don't think that Brad Arkin is aware of very much at all, increased risk to customers 'n all.
 
Back
Top