All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com
Thank you for purchasing through links and ads on this site.
OWC / MacSales.com...
diglloyd Deal Finder...
Buy other stuff at Amazon.com...
Get up to 16x more storage and 2x the speeds of the original drive
128GB Memory in iMac 5K

Up to 128GB for 2019 iMac 5K!
Up to 64GB for 2015/2017 iMac 5K

Save nearly 50% over Apple pricing

Security Breach at Adobe for 2.9 MILLION Customers

See prior blog posts on Adobe Creative Cloud.

Adobe Systems has announced a major security breach of it systems. Customer data was compromised, and source code also.

UPDATE Oct 29, 2013: the security breach was MASSIVE, affecting 38 million customers. You might fairly ask why Adobe would ask for date of birth as a requirement for Adobe Cloud, a point I commented on months before this security breach, noting “patently offensive... and why promote identity theft?”. But that ought to be obvious—just not to Adobe.

The source code breach is more subtle and pernicious; it could allow (for example), a hacker to build a perfect copy but with a Trojan Horse back door built-in and copy protection removed. Never download “free” software that you know is not free.

Isn’t it upsetting that Adobe asks for your date of birth? Which is very helpful for identity theft. Was the date of birth encrypted or was it compromised in full?

It’s hardly an Adobe specific issue, as I discuss in So You Actually Trust Your Sensitive Data to Apple’s iCloud ?.

Adobe Creative Cloud demands date of birth as the very first question

Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers. Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related.

Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident. We’re taking the following steps:

  • As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
  • We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
  • We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
  • We have contacted federal law enforcement and are assisting in their investigation.

MPG: Joy. So to protect myself I can sign up for a service which also will want some sensitive information and probably auto-bill me next year.

If I were a hacker, an email that looks like this would be a juicy thing to send a few million of right about now, containing a fake URL to click on: never, NEVER click on links found in an email. That password link has to be typed in by hand (good), but the “please click here” thing is not a good idea.

Adobe followup email to security breach
B&H Deal ZoneDeals by Brand/Category/Savings
Deals expire in 10 hours unless noted. Certain deals may last longer.
$2797 SAVE $600 = 17.0% $246 FREE ITEMS Nikon Z 7 Mirrorless in Cameras: Mirrorless
$2798 SAVE $400 = 12.0% Sony a7R III Mirrorless in Cameras: Mirrorless
$3498 SAVE $1000 = 22.0% Sony a9 Mirrorless in Cameras: Mirrorless
$898 SAVE $100 = 10.0% $161 FREE ITEMS Sony DSC-RX100 VA in Cameras: Point and Shoot
$1879 SAVE $1071 = 36.0% ZEISS 15mm f/2.8 Distagon T* ZE in Lenses: DSLR

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2019 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__