Adobe has confirmed that source code, as well as information belonging to 2.9 million customers, was raided during a breach discovered on September 17 In a blog post on Thursday, Adobe said that during a security audit sometime around September 17, the company discovered that attackers had accessed Adobe customer IDs, as well as encrypted passwords. In addition to IDs and passwords, Adobe Chief Security Officer, Brad Arkin, said that the attackers also accessed customer names, encrypted credit and debit card numbers, expiration dates and “other information.” [Espionage campaign targeting Asian supply chains uncovered]“At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. Were working diligently internally, as well as with external partners and law enforcement, to address the incident,” Arkin wrote. In all, Adobe says that the breach impacts some 2.9 million customers worldwide, and that they’re in the process of sending out notifications to those who had credit or debit card details compromised. Further, Adobe has alerted the banks processing customer payments, in order for them to help protect accounts upstream. “If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password,” Arkin advised. Making matters worse, Adobe also admitted that source code was breached during the incident, sparking fears that criminals who have accessed the information may have used it to develop new attacks. Adobe says they’re not aware of any increased risk to customers because of this incident, and noted that they’ve not seen any Zero-Day exploits targeting their software. However, this doesn’t mean that said Zero-Days don’t exist now due to this breach, nor does it mean that unreported attacks aren’t taking place.The earliest known date of discovery is September 17, but Adobe hasn’t said how long the attackers have had possession of the stolen source code, nor can they comment on how far it’s spread online. Last week, reporter Brian Krebs, found 40 GB worth of Adobe’s proprietary data on a server used by criminals, but by the time he found it, Adobe was already investigating its theft. In an advisory to customers, Adobe confirmed that the source code theft impacted Adobe Acrobat, ColdFusion, ColdFusion Builder and “other Adobe products.” As to what those other products are, Adobe didn’t say. [5 myths of encrypting and tokenizing sensitive data]CSO reached out to Adobe in order to ascertain the type of encryption employed to protect credit card data. In addition, we asked for clarification to the point that attackers didn’t remove “decrypted credit or debit card numbers from” Adobe systems. We’re they saying such unprotected data exists? Furthermore, we asked for information on how the attackers got in. Specifically, was it via Phishing or was it vulnerabilities in a server or application? Unfortunately, Adobe would only point to their blog post, and declined to answer any other questions. In a statement the company would only say the investigation was ongoing. CSO will share any new information as it becomes available. In the meantime, Adobe recommends that customers update to the latest supported software versions, and that they download the newest releases when they’re made available on October 8. Related content feature How cybersecurity teams should prepare for geopolitical crisis spillover CISOs can anticipate and prepare for cyberattacks conducted by participants in geopolitical conflict such as the Israel/Hamas war by understanding the threat actors' motivations and goals. By Christopher Whyte Dec 05, 2023 12 mins Advanced Persistent Threats Advanced Persistent Threats Advanced Persistent Threats news analysis P2Pinfect Redis worm targets IoT with version for MIPS devices New versions of the worm include some novel approaches to infecting routers and internet-of-things devices, according to a report by Cado Security. By Lucian Constantin Dec 04, 2023 5 mins Botnets Hacker Groups Security Practices news Hackers book profit by scamming Booking.com customers Malicious elements are using Vidar infostealer to gain access to Booking.com’s management portal and defraud customers. By Gagandeep Kaur Dec 04, 2023 4 mins Cyberattacks opinion Proactive, not reactive: the path to ensuring operational resilience in cybersecurity The experience of the financial sector in dealing with threats is instructive to anyone in the cybersecurity space — there’s no substitute for getting out ahead of potential risks and problems. By Cameron Dicker Dec 04, 2023 6 mins Financial Services Industry Data and Information Security Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe