A sophisticated attack on the Adobe network and across numerous Adobe products like Acrobat has affected at least 2.9 million customers. Adobe’s investigation points to two related attacks in which the attackers gained illegal access to source code for at least three of its products and stole customer information such as names and encrypted credit or debit card numbers, expiration dates and data related to customer orders.
Adobe’s Chief Security Officer, Brad Arkin, recommends “customers run only supported versions of the software, apply all available security updates, and follow the advice in the Acrobat Enterprise Toolkit and the ColdFusion Lockdown Guide. These steps are intended to help mitigate attacks targeting older, unpatched, or improperly configured deployments of Adobe products.”
Brian Krebs, of KrebsOnSecurity.com, reports, “Adobe said the credit card numbers were encrypted and that the company does not believe decrypted credit card numbers left its network.” Let’s hope so. In the meantime, the company has begun notifying affected customers and is planning to release security updates on Tuesday, October 8, 2013 for Adobe Reader and Acrobat XI (11.0.04) for Windows.
A customer security alert on Adobe.com asks customers to reset their passwords and assures, “We are working diligently internally, as well as with external partners and law enforcement, to address the incident.”
Almost 60% of businesses use some form of content marketing. Starting December 8, get hands-on content marketing training in our online boot camp! Through an interactive series of webcasts, content and marketing experts will teach you how to create, distribute, and measure the success of your brand's content! Sign-up before November 10 to get $50 OFF with early bird pricing. Register now!