Hackers have hit Adobe hard with an attack that Adobe believes resulted in the compromise of 2.9 million Adobe customer accounts, including access to “customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.”
In a statement to customers, Adobe had the following to say about the attack:
We recently discovered that attackers illegally entered our network. The attackers may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account. If you have placed an order with us, information such as your name, encrypted payment card number, and card expiration date also may have been accessed. We do not believe any decrypted card numbers were removed from our systems.
To prevent unauthorized access to your account, we have reset your password. Please visit www.adobe.com/go/passwordreset to create a new password. We recommend that you also change your password on any website where you use the same user ID or password. As always, please be cautious when responding to any email seeking your personal information.
To be clear, this is NOT just Adobe Creative Cloud customers, this is possibly anyone who has ever signed up for a free Adobe account to do things as simple as download a free software trial from Adobe’s website.
Adobe recommends that users login and reset their passwords for their Adobe accounts.
One of the questions on Adobe’s FAQ page reads: “Adobe seems to ahve a lot of security issues. Why is that?” Adobe’s response:
Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use many of our products, Adobe has attracted increasing attention from cyber attackers. We are working diligently internally, as well as with external partners and law of enforcement, to address the incident. We value the trust of our customers and will work aggressively to prevent these types of events from occurring in the future.
You can learn more about the attack and how to reset your Adobe account info here on Adobe’s website.
Ed Mease says
Hey Eric
What do you think about this creative cloud stuff now?
Your statement “To be clear, this is NOT just Adobe Creative Cloud customers, this is possibly anyone who has ever signed up for a free Adobe account to do things as simple as download a free software trial from Adobe’s website.”
Is true but the difference between me as an Adobe user and you as an Adobe user is that adobe does not have my credit card account information!!! Luckily for me I have bought my Adobe products from other companies like Amazon. I have an Adobe account but because I don’t buy the software from Adobe’s website they don’t have my bank account information. It will be a hassle yes I will have to go in and change my password for my Adobe account so I can continue to download updates for my existing software but not that big of a deal for me. If you were not tied in to a software rental program you would not have had to have your bank info listed with Adobe. I don’t condone what the hackers have done but it is a part of every day life today. I get pretty weird about this creative cloud and in general this cloud stuff that everybody is talking about today. I don’t trust backing up my computer systems to on line cloud systems, I don’t trust Apple’s cloud program, I have a special bank account set up just for online purchasing. It’s a hassle I know, whenever I make a big purchase I have to transfer funds from a separate account. But if anything like this happened where someone got a hold of my online credit card info damage would be minimal for me. Something to be said for perpetual license of software.
Regards
Ed M
Eric Reagan says
Honestly, I think this is the least of the concerns out there against using Creative Cloud. It happens to major companies all the time. I got a similar email from Sony last year regarding a major hack to their PS3 user accounts. It also happens at retail brick and mortar stores. We had a card compromised that we think was part of the TJ Maxx hack a few years back. We’ve only ever shopped in-store there. I also had someone skim my credit card at a store somewhere in Vegas. They made a duplicate and were using a physical card in France a day or two later.
For Adobe, this comes at a bad time – during the first year of its big Creative Cloud push. It adds fuel to the fire of critics who hate the Creative Cloud subscription model. How much damage it actually does the user base, I don’t know.
I just kind of sighed and changed my password. I imagine most other users did the same thing. If something happens with it down the line on my account, it will be frustrating; however, as I understand Adobe’s notice, the credit card data was encrypted so that risk may be minimal. It sucks to think that someone has access to my info; however, it’s just part of living in a global society where payment systems are so connected.
trueblue says
I don’t remember even setting up an Adobe password. I’ve never paid for Adobe. And I don’t see any place on this page to re-set my password, anyway. Where is it?
Ed Mease says
Adobe has been pretty good on sending out notices to customers who they think may be affected by this security breach. If you have not gotten an email notice from Adobe you can always log into your Adobe account by going to Adobe.com. I would suggest that if you don’t get an email notice from Adobe that you still change your password on your Adobe user account. You can do that by logging into your user account and then going through the steps of resetting your password. If you don’t have an Adobe user account then this is not something you have to worry about.
trueblue says
Thanks, Ed. I got the notice yesterday, but when I went to the link they sent me to change my Adobe password, the page I went do didn’t have a place for me to “change” the password (which I don’t think I ever set up). I did finally end up at a page where I created a “new” password. I know I’ve downloaded Adobe in the past, or else I couldn’t see PDFs. I just don’t think I set up an account.
I appreciate you responding to last night’s question so quickly. :)