Hackers are getting sneakier. Once upon a time, they were only after one thing: credit/debit card information to use for financial gains. Now, they are hitting service providers hard by attacking product source codes. Adobe is the latest victim, losing both customer data and source code to a hacker attack. Read our initial coverage here.
Adobe Chief Security Officer Brad Arkin revealed that its security team discovered sophisticated attacks in its network, which involved illegal access to customer account information as well as source code for numerous Adobe products. Though it hasn’t been proven, Adobe believes that the attacks are related.
“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident,” Arkin wrote.
Adobe takes steps to cushion the blow to customers
Adobe has already notified its customers affected by the account. Adobe reset passwords for compromised accounts and the owners of the accounts were sent an email as to how to change their passwords and were advised to change the password of other online accounts wherein the same user IDs and passwords were used. For holders of compromised debit and credit card information, they will receive a notification letter from Adobe as well as additional information on steps to take to help protect against potential misuse of personal information. Adobe is also offering customers whose credit or debit card information were compromised the option of enrolling in a one-year complimentary credit monitoring membership.
Adobe has also notified banks processing customer payments for the company, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
And last, Adobe tapped federal law enforcement to aid in the investigation.
Everyone is fair game
As mentioned above, some Adobe product source codes were accessed by the hackers. Though the company believes that it will not affect its customers, it still poses a huge problem for the company.
“The Adobe breach shows that everyone is fair game,” says Eduard Goodman, chief privacy officer at risk management firm IDentity Theft 911. “The hackers went in and stole private consumer information in the form of card information, even if it was encrypted, and they stole intellectual property. Those are two valuable assets.”
Hacker will hit anyone they see as weak, and it is our duty, as consumers/users, to keep them out. Sure security companies are doing their best to keep hackers at bay but the responsibility still falls on us. Here are some quick tips to keep online accounts secure:
3 Tips to Keep Online Accounts Safe
- Update security software
Hackers can gain access to our computers in a number of ways, so it would be best to install security software and keep it updated.
- Steer clear from shady sites
Don’t be trigger happy when clicking on links. A lot of times, when you hover on a link, it shows you the address. Be sure to look at it carefully to see if the link will actually direct you to the right site. It could be a dummy site used for phishing.
It can be hard to remember the myriad of passwords for different services, so many of us use the same password for all. The problem is, when one service gets compromised, the hackers can use the same password to get a hold of your other accounts.
You can use password lockers to help you securely remember passwords for different services. Or you can write them down, but be sure to keep that piece of paper safe from prying eyes. Also, be sure to change your password at least every six months.