Adobe breach impacts closer to 38 million customers

Share this article:

The number of Adobe customers impacted in a breach disclosed earlier this month has skyrocketed to about 38 million. That is more than ten times the roughly three million affected users the company announced previously.

On Tuesday, Heather Edell, an Adobe spokesperson, told SCMagazine.com in a emailed statement that the company has just completed notifying the roughly 38 million impacted customers.

“We currently have no indication that there has been unauthorized activity on any Adobe ID account involved in the incident,” Edell said.

The attackers also obtained invalid and inactive Adobe IDs, Edell said, as well as invalid encrypted passwords and test account data. She added that Adobe is in the process of notifying those customers and that all encrypted passwords, whether those users are active or not, have been reset.

Security blogger Brian Krebs and Alex Holden, CISO at Hold Security, aided Adobe in responding to the incident earlier this month.

In a Tuesday post, Krebs said that a sizable file hosted on AnonNews.org this weekend contained 150 million Adobe username and hashed password pairs. He said the 3.8 GB file, which has since been removed, appears to be the same one discovered by he and Holden earlier this month.

The attackers are believed to be the same criminals that hacked other entities, including LexisNexis, the National White Collar Crime Center and, most recently, PR Newswire.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.