Adobe Hack: Reset Your Passwords

Adobe CorporationOver the last year, Adobe has been very strongly marketing to design professionals to move to their Creative Cloud suite, promising updates, new versions and other benefits the cloud brings you. I’m a customer myself, and it’s been nice and it seems they’ve been updating their main apps like Photoshop more often than they used to.

Late last week, Adobe reported that they’d been the victim of a hack. Not only was customer data, including encrypted credit card information stolen, but source code was also taken from Adobe.

The Washington Post is reporting the hack has affected 2.9 million accounts. They add:

On Thursday, the firm said that customer information such as names, encrypted credit or debit card numbers, expiration dates and “other information relating to customer orders” may have been accessed, although it has no evidence that any credit card numbers left its systems.

Yeah, that’s not good. Adobe has also released a security advisory for customers, saying:

Adobe’s security team recently discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related. We are working diligently internally, as well as with external partners and law enforcement, to address the incident.

If you have an Adobe account, chances are you’ve received an email from them saying that you need to reset your password. If you haven’t yet, you should, now.

The stealing of customer information is always bad, but what’s interesting about this hack is the theft of source code. Having direct access to the code for an application like Flash or ColdFusion means that hackers can dig into the code and look for vulnerabilities inside it as opposed to trying to work through all sorts of ways a piece of software could be used maliciously.

This is something Adobe is going to have to watch for very carefully going forward.