Summary: Adobe Systems Inc. is expected to
announce that hackers broke into its network and stole source code for an
as-yet undetermined number of software titles, including its ColdFusion Web application
platform, and possibly its Acrobat family
of products. The company said hackers also accessed nearly three million
customer credit card records, and stole login data for an undetermined number
of Adobe user accounts.
In an interview with this
publication, Adobe confirmed that the company believes that hackers accessed a
source code repository sometime in mid-August 2013, after breaking into a
portion of Adobe’s network that handled credit card transactions for customers.
Adobe believes the attackers stole credit card and other data on approximately
2.9 million customers, and that the bad guys also accessed an
as-yet-undetermined number of user names and passwords that customers use to
access various parts of the Adobe customer network.
In a blog
post Brad Arkin, chief security officer of Adobe, said: “Adobe has attracted increasing attention from cyber
attackers. Very recently, Adobe’s security team discovered sophisticated
attacks on our network, involving the illegal access of customer information as
well as source code for numerous Adobe products. We believe these attacks may
be related.
”
“Our investigation currently indicates that the attackers
accessed Adobe customer IDs and encrypted passwords on our systems. We
also believe the attackers removed from our systems certain information
relating to 2.9 million Adobe customers, including customer names, encrypted credit
or debit card numbers, expiration dates, and other information relating to
customer orders. At this time, we do not believe the attackers removed
decrypted credit or debit card numbers from our systems. We deeply regret that
this incident occurred. We’re working diligently internally, as well as with
external partners and law enforcement, to address the incident ”
Source:
KrebsOnSecurity, USA
Today