Adobe has revealed that its servers were hacked and the hackers were able to steal data relating to accounts of some 2.9 million customers. The stolen data includes their customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. In another set of attacks, the hackers were able to steal source codes of some Adobe products. Adobe believes that the two attacks were related. Also Read - Adobe Flash Player bids adieu, uninstall it right nowAlso Read - iPhones of 36 journalists hacked using spyware by the NSO Group: Report
As a precaution, Adobe has reset passwords of every account and has reached out to users to change their passwords. It is also identifying customers whose credit or debit card information was stolen. At this point of time Adobe believes that no decrypted credit or debit card was stolen. However, it should be of concern why Adobe would store such sensitive information in decrypted format on its servers in the first place. Also Read - Adobe Photoshop, Premiere Pro, After Effects and other apps get new features
Adobe is the latest in a string of companies facing such attacks. Recently Apple suffered a major attack on its developer portal, which led to Apple taking the site down for a few days. Truecaller, a global social directory that crowdsources phone book information to link phone numbers with names, was also hacked. Other companies include Ubisoft, Opera Software and Evernote.
Here’s an excerpt from the announcement about the steps Adobe has taken so far.
We deeply regret that this incident occurred. We re working diligently internally, as well as with external partners and law enforcement, to address the incident. We re taking the following steps:
- As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
- We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
- We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers accounts.
- We have contacted federal law enforcement and are assisting in their investigation.