In wake of Adobe breach, attackers may use insight to dig up zero-days
In the aftermath of a major breach at Adobe, which compromised the financial and personal information of millions and left product source code in the hands of saboteurs, security experts warn users to be vigilant moving forward.
While the public learned of the incidents on Wednesday and Thursday via separate announcements, prior to the news getting out, Adobe was approached by security journalist Brian Krebs and Hold Security CISO Alex Holden.
The two told the company of their alarming discovery: A server containing 40 gigabytes of stolen source code, including that of Adobe, had also been used by hackers that breached LexisNexis, commercial data provider Dun & Bradstreet, risk consulting firm Kroll and the National White Collar Crime Center (NW3C).
Adobe has already begun notifying customers that sensitive data was accessed by hackers – including names, encrypted credit and debit card numbers and card expiration dates. In addition, the company began resetting customer passwords, as miscreants obtained an undisclosed number of Adobe customer IDs and encrypted passwords in the breach.
In addition, on Wednesday, Adobe's CSO Brad Arkin revealed in a blog post that the information on a number of company products, including Adobe Acrobat, ColdFusion and ColdFusion Builder, were pilfered by attackers.
Further disclosure by Krebs revealed that Adobe had launched its own investigation on the breach as of Sept. 17; the company also told him that hackers likely accessed the source code around mid-August.