Skip to main content

A Different Kind of Adobe Update: Adobe Announces Data Breach Compromising Information of 2.9 Million Customers

Written by Jake Romero and Cynthia Larose, CIPP

 

Adobe Systems Inc.,(ADBE -1.24%) announced earlier today that has been the victim of a cyber attack that has compromised information of 2.9 million of its customers.  In a blog post Thursday morning, Adobe’s Chief Security Officer Brad Arkin referred to such attacks as “one of the unfortunate realities of doing business today” and added that the attack on customer information is believed to be linked to an attack in which hackers obtained source code for certain Adobe products, including its Cold Fusion web application platform and its Acrobat family of products.  

Adobe Systems Inc. reported what it called a sophisticated attack on its computer network, involving illegal access to both customer information and source code related its programs

The scope of the breach was first disclosed by security blogger, Brian Krebs in his blog, Krebs on Security.  The customer information accessed by the hackers includes names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.  At this time Adobe does not believe that decrypted credit or debit card numbers were obtained.  Adobe has reset passwords for certain customers and will be notifying customers whose debit or credit card information is believed to have been accessed.  For those customers whose credit or debit card information has been accessed, Adobe will offer a complimentary one-year membership with a credit monitoring service.

This latest incident is a reminder that cyber attacks are not only an “unfortunate reality” of doing business, but are also increasingly common.  If your business collects customer or user information, there is no time like the present to make sure you have a response plan in place.

Read more:

New York Times - Adobe Announces Security Breach

PCWorld - Adobe Reports Massive Security Breach

Wall Street Journal -- Hackers Hit Adobe Systems Network 

AllThingsD

 

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Co-Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.