Massive Adobe Security Breach: Change Your Passwords Now

Massive Adobe Security Breach: Change Your Passwords Now

Adobe has confirmed that customer information for 2.9 million users, including passwords and credit card details, and source code for some of its products have been stolen from its network. If you’ve ever purchased a product from Adobe online, it’s time to change your password.

According to Adobe’s online FAQ, the attackers gained access to account details for 2.9 million customers. The data was in encrypted form, and Adobe suggests it hasn’t been decrypted yet, but advises customers to reset their passwords as a precaution.

Customers who were in the affected list or who have credit card details registered with Adobe will be sent an email advising them to change their password. We’d advise starting the process yourself from the Adobe web site, since it’s almost inevitable scammers will send copycat phishing emails in the near future.

The attackers gained access to source code for Adobe’s Acrobat Reader PDF software and ColdFusion web development platform, though we don’t know which version and there has been no evidence of attacks using the knowledge gained from that code so far. It’s not yet clear whether source code for other products was accessed; Adobe’s statement suggests there is a “possibility” this happened.

The attacks were first revealed by Brian Krebs. It’s an unwelcome development for Adobe, given that it has heavily promoted its subscription-based Creative Cloud services as a future direction for the company.

In Australia, the company has also come under heavy fire for its high prices relative to the US. Its reaction to the latest attack rather underscores its America-centric approach; US customers affected by the hack are being offered free membership in a credit monitoring service, but no similar arrangements have been made for other customers.


    • If you are lucky, they might take the time to make a movie of themselves laughing at the idea that they care what you – the user – want.

  • Wow… what a pain in the @rse for a lot of people. I’ve forwarded this to everyone I know who this would affect.

  • This sort of thing is why we should be more active in making psuedo accounts on cheap domains, paying with disposable credit cards.
    It doesn’t matter that your password has capitals, numbers and various shades of magenta, if the people looking after it are just plain incompetent.

  • Frign twats! I have to find out about this through a blog.

    My only question is how secure are the credit card numbers that where apparently encrypted. Do I have to ring my bank and get a new card sent out? ffs.

  • Didn’t Adobe recently tell Aussies the reason we pay a premium is because of “localised” and “personalised” services? Security obviously wasn’t one of them, nor does it seem compensation for identity theft. Unless you’re an American…

  • I signed up for Adobe live once, I never used it. Also I am now
    somewhat glad I didn’t go cloud yet

Show more comments

Comments are closed.

Log in to comment on this story!