This Thursday Adobe blasted an announcement to clients cyber attacks on its networks by hackers has exposed credit-card information of 2.9 million customers.Brad Arkin is senior director of security for Adobe products and services, they believed the attackers accessed Adobe customer IDs and encrypted passwords and removed data relating to 2.9 million Adobe customers. That information includes customer names, encrypted payment card numbers, expiration dates and information relating to orders, he said. Attackers stole login data for an undetermined number of Adobe user accounts.
Hackers are accessed the source code for several Adobe software titles including Acrobat, ColdFusion and ColdFusion Builder. The company is better known for its Acrobat Reader, Photoshop, Illustrator, InDesign and Flash software among others.
Adobe is notifying customers and resetting passwords. It has alerted banks processing Adobe payments to help protect customer accounts. It is also working with federal law enforcement on its related investigation.
Adobe has also promised to offer these customers with the option of enrolling in a one-year complimentary credit monitoring membership where available.
Adobe many months ago issued security updates to plug all of the ColdFusion vulnerabilities used by the attackers, many networks apparently run outdated versions of the software, leaving them vulnerable to compromise. This may have also been the vector that attackers used to infiltrate Adobe’s own networks. Arkin said the company has not yet determined whether the servers that were breached were running ColdFusion, but acknowledged that the attackers appeared to have gotten their foot in the door through “some type of out-of-date” software.
No comments:
Post a Comment