On October 3rd, Adobe publicly admitted that they had experienced a major attack, and that upwards of 3 million accounts were affected. Rachel King over at CNET noted that it was a “major security breach in which sensitive and personal data about millions of its customers have been put at risk.”
These customers’ names, private credit card information, debit card numbers, and much more were exposed during the attack.
Adobe has gone into damage control mode, assuring customers that it is no longer an issue.
Brad Arkin, Chief Security Officer, of Adobe issued a statement in a blog post on October 3rd, explaining the measures being taken to prevent this from happening again and detailed the way in which the cyberattack was discovered:
Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident.
Arkin also noted that cyberattacks are an unfortunate reality, and that given the popularity of Adobe, it risks becoming a victim of such attacks.