Brad Arkin, Adobe’s Chief Security Officer stated on the Adobe blog late yesterday that hackers had broken into their computer network and had taken both customer data and software source code that could be used to launch hidden attacks.
“Attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders”
The hackers also walked off with Adobe’s source code for its biggest product – Adobe Acrobat product that is widely used for creating PDF files, they also grabbed source code for ColdFusion and other products.
Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers. Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related.
It is believed the breach started in the middle of August and a forensic investigation kicked off on September 17. If this source code gets out onto the black market, it could mean the code could be used to create backdoors, malware, and viruses on the desktops of millions of systems around the world. Adobe is widely used for pdf creation and reading, and there are alternatives out there for those products, so the threat of someone cloning their software is probably not how it’s going to end up. Adobe has been shifting to more and more of an online model for their software in an effort to normalize revenue, control piracy, and provide cloud service flexibility to the market.
We are also investigating the illegal access to source code of numerous Adobe products. Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident. For more information, please see the blog post here.
Affected customers is having their passwords reset by Adobe and they are reportedly sending out notifications for those customers who had their financial information exposed in the breach. The breach ranks among the highest number of impacted security incidents this year, and all time. 2.9 million is nothing to sneeze at – this appears to be a massive snatch and a sustained leak. It is expected that more details on this breach will be reported as they emerge. It was one year ago today that an Adobe signing certificate was hijacked, after a company build server was compromised. Adobe is indeed a major cyber security target given their massive base and the trust built into their products over many years. Arkin’s communications are timely and part of a rapid response that the company have surely enacted in response to one of these types of events.