A sophisticated attack on the Adobe network and across numerous Adobe products like Acrobat has affected at least 2.9 million customers. Adobe’s investigation points to two related attacks in which the attackers gained illegal access to source code for at least three of its products and stole customer information such as names and encrypted credit or debit card numbers, expiration dates and data related to customer orders.
Adobe’s Chief Security Officer, Brad Arkin, recommends “customers run only supported versions of the software, apply all available security updates, and follow the advice in the Acrobat Enterprise Toolkit and the ColdFusion Lockdown Guide. These steps are intended to help mitigate attacks targeting older, unpatched, or improperly configured deployments of Adobe products.”
Brian Krebs, of KrebsOnSecurity.com, reports, “Adobe said the credit card numbers were encrypted and that the company does not believe decrypted credit card numbers left its network.” Let’s hope so. In the meantime, the company has begun notifying affected customers and is planning to release security updates on Tuesday, October 8, 2013 for Adobe Reader and Acrobat XI (11.0.04) for Windows.
A customer security alert on Adobe.com asks customers to reset their passwords and assures, “We are working diligently internally, as well as with external partners and law enforcement, to address the incident.”
Learn how to create social buzz for your brand! Starting November 24, the VP of content strategy at DBA will teach you how to speak and write to different audiences on social platforms, identify and engage with current trends and influencers, and build an excellent social strategy to amplify your numbers and rate engagement. Register now!