Adobe announced today that it was target of a hack by an unidentified group. The company confirmed that the hackers gained access to 2.9 million Adobe customer accounts. Adobe added that it is investigating the possibility that hackers obtained the source code for several key Adobe products.
Adobe issued a statement that confirmed it has taken several measures to secure customer data in wake of this intrusion. Adobe writes on it blog that it has done the following:
- As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
- We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
- We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
- We have contacted federal law enforcement and are assisting in their investigation.
Adobe claims the data that was accessed was encrypted and that it “does not believe the attackers removed decrypted credit or debit card numbers.” Despite this assurance, this is still not something that should be out in the wild. The possibility of a hack was uncovered this morning when Brian Krebs noticed 40GB of source code for Adobe products on a private hacker server. Products compromised in this attack include Adobe Acrobat, ColdFusion, and ColdFusion Builder.
If you are an Adobe customer, check your email to see if you were one of the customers affected by this security breach. Even if your account was not compromised, now might be a good time to change your Adobe password and keep a closer eye on your credit card charges.