Account information, including user names and encrypted credit card numbers, were stolen from Adobe servers by hackers, potentially exposing information for 2.9 million user accounts. Adobe revealed the security breach on Thursday, and has already started notifying customers who may now have compromised credit cards
In a statement on the Adobe website, Chief Security Officer Brad Arkin said,
Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.
He added that Adobe is working with law enforcement agencies and external partners, and that the company is cooperating with Federal investigators.
Even if Adobe hasn't contacted you, it's still a good idea to change your Adobe account password, and change the login information for any other sites where you used the same user name and password.
Along with the user account hack headache, Adobe is also dealing with unauthorized access to the source code for several of its products.
“Adobe is investigating the illegal access of source code for Adobe Acrobat, ColdFusion, ColdFusion Builder and other Adobe products by an unauthorized third party,” Mr. Arkin said. “Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident.”
Adobe isn't saying exactly how the hackers managed to access its servers, but did say that it is aggressively working to prevent similar attacks in the future.