Monday 11 November, 2013
On October 13th, software giant Adobe announced that one of its servers had been hacked. The announcement said that hackers obtained access to information about its users and its programs. It said that the breach especially affected users of the Creative Cloud version of its software suite.
The company reported that nearly 3 million users’ data had been compromised. The data in question was personal information such as names, credit card information and other data related to Adobe product purchases.
Adobe reported that the stolen credit card information was encrypted and therefore should be safe. No decrypted data was compromised and, according to the company, there is no way for hackers to decrypt and use this data. Credit card data included encrypted CC numbers and expiration dates.
Raising the Stakes on Advanced Persistent Threats
What many consider more alarming is that the hackers made off with some of the source code used for Adobe products. Likely targets include Acrobat and ColdFusion. While Adobe stresses that this isn’t information that could be used to access users’ computers, it could lead to ongoing trouble in the form of what are known in the security world as Advanced Persistent Threats (APTs).
An APT is an ongoing attack in which it isn’t known how long hackers have been in the system. Adobe believes hackers had access possibly since early June. But what’s alarming is that with the company’s source code as well as its digital certificate code signing infrastructure, which hackers also reportedly obtained, they could create malware posing as legitimate Adobe products and there would be no way to tell the difference. Pundits are saying that there has never been an APT of this scale before.
What Adobe Is Doing about It
Adobe contacted authorities as well as banks and payment processors with all of the details of the attack. It reset passwords for users whose accounts may have been compromised and sent out emails urging users to change passwords.
The company is still trying to figure out exactly how the data was stolen. Adobe Security Chief Brad Arkin said in a statement that the compromised server’s configuration was ‘not to Adobe corporate standards for a build server.’ He added that it is very regrettable that the company’s regular provisioning process didn’t catch the attack earlier.
Adobe has had some goodwill issues with its customers and criticism over its Creative Cloud software, so this attack couldn’t have helped the company’s reputation. However, it’s pretty certain that they will do damage control and try to effectively solve the problem.
If you’re an Adobe user, the following measures are recommended:
* If you’re a Creative Cloud subscriber, look carefully at your statements.
* If you get emails from Adobe related to new products, click links with caution.
* Follow any instructions you receive from Adobe in regard to fixing the problem or any related threats.