SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community

CHANNEL BY TOPICS


QUICK LINKS




Major Adobe Hack Compromises 2.9M Customer Names, Credit Cards and More

TMCnet Feature

October 07, 2013

Major Adobe Hack Compromises 2.9M Customer Names, Credit Cards and More

Share
Tweet
By Steve Anderson
Contributing TMCnet Writer

It's news that no one—especially not a customer of a firm—wants to hear: a compromised network allowed intruders to reap a massive haul, starting with 2.9 million customer names. That would be bad enough by any standard, but it only gets worse.


The compromised network not only resulted in the leak of customer names, but also got a set of “other information relating to customer orders,” which includes encrypted debit and credit card data—numbers and expiration dates alike—and more besides. While Adobe (News - Alert) isn't saying exactly when the breach actually hit—the most it would say is that the attacks were discovered “very recently”—it took several steps in response to said matter. Among these steps were the resetting of customer passwords and the e-mail notification of the users whose accounts were impacted by the changes.

Additionally, Adobe is notifying those whose credit card information was at risk, along with an offer of a free year's membership in a credit monitoring service. Adobe has further notified the banks that handle processing for Adobe for further help, and is working with federal authorities in terms of investigating the person or persons responsible.


Image via Shutterstock

Adobe also issued a public apology, and perhaps thankfully, doesn't believe that any decrypted credit card information was taken, rather only encrypted, so the chances of customers having issues is somewhat lessened by this news. But perhaps more frightening was the revelation that some of Adobe's source code was also taken, though Adobe doesn't believe that said source code will prove to be any more risk to its customers.

That's no small affair, though, and application security company Cenzic released a statement of its own surrounding the theft of said source code. The Cenzic statement noted that source code thefts don't happen often, but represents a loss on par with the “crown jewels” of the company. Given that Adobe products are regularly used across businesses worldwide, the potential impact is, as Cenzic's statement describes, “enormous.”

The statement continued: “Regardless of how sophisticated these attacks may seem, the end game of this breach once again illustrates how vulnerable the application layer remains today. The most sensitive data and customer information resides in the databases and the hacker is looking for that one open vulnerability in the application to get to the precious data. More applications moving to the Web, cloud, and mobile today further heightens the threat vector. Organizations must take a proactive approach towards enforcing tight security processes right from the code development phase and through the entire SDLC (Software Development Life Cycle). It is paramount for developers to do thorough security checks on the applications before they are pushed into production.”

Here, Cenzic shows quite clearly what's at stake, and more videos on this subject and others can be found here. More and more of our lives are going online, between cloud systems and more standard communications tools. Thus, the security of said applications becomes an important part of the larger overall environment, as not only do users need to protect individual devices, but also the larger network and beyond. While the importance of users taking the necessary steps to protect devices is as important as ever, so too do developers need to engage in security as well. While Adobe's response has been very encouraging, the need for vigilance is as clear now as it has ever been.




Edited by Alisen Downey


View all articles


Comments powered by Disqus








Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: [email protected].
Comments about this site: [email protected].

STAY CURRENT YOUR WAY

© 2024 Technology Marketing Corporation. All rights reserved | Privacy Policy