Adobe declared on Thursday that it’s been the target of a large scale security breach, both sensitive and personal data was compromised effecting millions of its customers.
Brad Arkin, head of security for Adobe products and services, explained in a blog post that the attack concerns both customer information and illegal access to source codes for “numerous Adobe products.”
A few products affected include: Adobe Acrobat, ColdFusion, and the ColdFusion Builder. The source code, Adobe assured that there is no “increased risk to customers as a result of this incident.”
Adobe added that the investigation has not turned up any zero-day attacks either, but we will see
in the upcoming weeks if that is truly the case. Regrettably, the perpetrators have obtained access to a large swath of Adobe customer IDs and hashed passwords.
Arkin specified that removed sensitive information including: names, encrypted credit or debit card numbers, expiration dates and the list goes on. Adobe estimates approximately 2.9 million Adobe customers are at risk.
Arkin added that they “believe the attackers removed decrypted credit or debit card numbers” from Adobe’s servers. Adobe is now distributing password resets on breached Adobe customer IDs, and users will receive an email if they’re included in the breach.