Adobe cyberattack ten times worse than originally thought
The loss of encrypted data included user names, passwords and credit card information
Wednesday 30 October 2013
Adobe has revealed that a cyberattack it suffered earlier this month affected ten times more users than initially estimated.
The initial attack took place on 3 October, with Adobe chief security officer Brad Arkin announcing that “attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.”
This number has since been revised to 38 million active accounts, with Adobe also revealing that the source code for Photoshop, Adobe Acrobat, Reader and its ColdFusion web platform were also stolen.
Cyber security specialist Brian Krebs broke the news on his blog after examining a 3.8GB file posted to a hacking forum that contained “more than 150 million username and hashed password pairs taken from Adobe”.
Adobe has since explained that this figure refers to “inactive, invalid and test accounts”, but that 38 million “active” user accounts have been affected.
“So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users,” said Adobe spokesperson Heather Edell.
“We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident—regardless of whether those users are active or not.”
“We are still in the process of investigating the number of inactive, invalid and test accounts involved in the incident,” said Edell in an email. “Our notification to inactive users is ongoing.”
Although the stolen information was encrypted it is still possible that determined hackers will be able to decode the login details. This could lead to attacks on individuals’ Adobe accounts as well as other online identities, as most internet users tend to re-use passwords across multiple sites.
Adobe has so far refused to comment on whether or not the stolen information has been used in attacks against their users, commenting only that “Our investigation is still ongoing”.
educationTo mark International Women's Day, Sarah Brown on how charities have brought proper joined-up thinking to the delivery of education
Life & Style blogs
The future of sex: The first female condoms were derided, mistrusted and shunned - but will their modern counterparts catch on?
Satoshi Nakamoto unmasked: Report claims bitcoin inventor is 64-year-old coder living in Los Angeles
Private school refuses to readmit anorexic pupil because her presence would be 'too disruptive to the rest of the year group,' mother claims
'It's brusquely intimate': A bereaved daughter tackles the task of emptying her father's flat
Study suggests that 'gaydars' are real - at least for women
Apple's Tim Cook: Business isn’t just about making profit
Thousands of young people forced to go without food after benefits wrongly stopped under 'draconian' new sanctions regime
Ukraine crisis: New navy chief 'defects' and surrenders Crimean HQ as Putin claims ultranationalists forced intervention
Britain's top vet sparks controversy with call for ban on slashing animals' throats in 'ritual' slaughters for halal and kosher meat products
Ukraine crisis: Russia dismisses '3am ultimatum' as 'total nonsense'
If you're horrified by a flame-roasted dog, you should be shocked at a hog roast
- 1 The future of sex: The first female condoms were derided, mistrusted and shunned - but will their modern counterparts catch on?
- 2 South African rhino finally put down after roaming Kruger park for days with horn hacked off and bullet in brain
- 3 Channel 4 announces two-hour TV show to be broadcast 'Live from Space' later this month
- 4 Man stabbed with Legend of Zelda Master Sword in serious condition
- 5 Study suggests that 'gaydars' are real - at least for women
iJobs Gadgets & Tech
£1000 per month: Inspiring Interns: Our client is a start-up mobile app develo...
£6.31 per hour: Inspiring Interns: This growing predictive analytical software...
£55000 - £70000 per annum + Benefits + Bonus: Harrington Starr: C# Developer (...
£60000 - £70000 per annum + Benefits: Harrington Starr: Senior C# ASP.NET Deve...