Adobe has confirmed that source code, as well as information belonging to 2.9 million customers, was raided during a breach discovered on September 17.

In a blog post on Thursday, Adobe said that during a security audit sometime around September 17, the company discovered that attackers had accessed Adobe customer IDs, as well as encrypted passwords. In addition to IDs and passwords, Adobe Chief Security Officer Brad Arkin said that the attackers also accessed customer names, encrypted credit and debit card numbers, expiration dates and “other information.”

“At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident,” Arkin wrote.

In all, Adobe says that the breach impacts some 2.9 million customers worldwide, and that it is in the process of sending out notifications to those who had credit or debit card details compromised. Further, Adobe has alerted the banks processing customer payments so that they can help protect accounts upstream.

“If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password,” Arkin advised.

Making matters worse, Adobe also admitted that source code was breached during the incident, sparking fears that criminals who have accessed the information may have used it to develop new attacks. Adobe says it is not aware of any increased risk to customers because of this incident, and noted that it has not seen any Zero-Day exploits targeting its software.
However, this doesn’t mean that such Zero-Days don’t exist now due to this breach, nor does it mean that unreported attacks aren’t taking place.

The earliest known date of discovery is September 17, but Adobe hasn’t said how long the attackers have had possession of the stolen source code, nor can it comment on how far the code has spread online. Last week, reporter Brian Krebs found 40 GB worth of Adobe’s proprietary data on a server used by criminals, but by the time he found it, Adobe was already investigating its theft.

In an advisory to customers, Adobe confirmed that the source code theft impacted Adobe Acrobat, ColdFusion, ColdFusion Builder and “other Adobe products.” As to what those other products are, Adobe didn’t say.

CSO reached out to Adobe in order to ascertain the type of encryption employed to protect credit card data. In addition, we asked for clarification on the statement that attackers didn’t remove “decrypted credit or debit card numbers from” Adobe systems. Were they saying such unprotected data exists? Furthermore, we asked for information on how the attackers got in. Specifically, was it via phishing, or was it vulnerabilities in a server or application?

Unfortunately, Adobe would only point to its blog post, and declined to answer any other questions. In a statement, the company would only say the investigation was ongoing. CSO will share any new information as it becomes available.

In the meantime, Adobe recommends that customers update to the latest supported software versions, and that they download the newest releases when they’re made available on October 8.