Adobe’s Chief Security Officer Brad Arkin announced today on the company’s blog that “sophisticated attacks” on its network have been discovered and that some customer information was compromised in the process:
Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers. Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related.
Arkin says Adobe’s ongoing investigation has found that the attackers have accessed Adobe IDs and encrypted passwords for approximately 2.9 million customers, but that it does “not believe the attackers removed decrypted credit or debit card numbers.” They were, however, able to get their hands on names, encrypted credit or debit card numbers, expiration dates, and customer order information. The company is also investigating an attack that accessed source code for several Adobe products illegally.
Adobe is of course working with law enforcement and continuing its investigation, but in the meantime it announced it will be contacting customers, banks, law enforcement, and automatically reseting customer passwords: expand full story