Hackers steal Adobe product source code and credit card data of three million customers

Adobe is warning nearly three million of its customers that their credit card data was breached – and that the intruders also appear to have stolen product source code via “sophisticated attacks.”

On Thursday, Adobe CSO Brad Arkin announced in a blog post that the company is notifying by letter customers whose credit or debit card numbers and expiration dates were accessed. Adobe is also resetting customer passwords, as hackers obtained an undisclosed number of Adobe customer IDs and encrypted passwords in the attacks.

“Very recently, Adobe's security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products,” Arkin wrote. “We believe these attacks may be related.”

Arkin later added that “we do not believe the attackers removed decrypted credit or debit card numbers from our systems.”

Banks that process customer payments for Adobe were notified of the breach, and the company is assisting federal police in an investigation.

In an earlier blog post published on Wednesday, Arkin listed the Adobe products whose source code was purloined by saboteurs: Adobe Acrobat, ColdFusion and ColdFusion Builder, as well as other products.

Security blogger Brian Krebs and Alex Holden, CISO at Hold Security, aided Adobe in responding to the incident, Arkin wrote on Wednesday.

On his website, Krebs wrote on Thursday that he and Holden discovered the source code leak about a week earlier. Krebs posted a screenshot of the stolen source code, which he and Holden found on a server operated by the hackers.

The investigations led the security experts to believe that the attackers were the same criminals who hacked other entities, including LexisNexis and, more recently, the National White Collar Crime Center (NW3C). According to Krebs, the attackers leveraged vulnerabilities in Adobe's ColdFusion Web application server to compromise NW3C between late May and August 17.

Krebs revealed that Adobe had launched its own investigation into the breach as of Sept. 17, and that the company confirmed that hackers likely accessed the source code around mid-August.
