Did Adobe suffer a second breach?

On October 4th Adobe was forced to send out almost three million emails with the unfortunate news that their network had been attacked, breached and data stolen. The data from that theft included account IDs as well as encrypted passwords and credit/debit card information and even source code for Adobe products. The attack happened not all that long after Adobe pushed their users to a subscription based license for their products. Once a large number of people had joined the Creative Cloud service Adobe was an even more attractive target and due to their history or ignoring security the attackers were able to get in and grab what they wanted.

 

Now five days later another email is going around recommending that people reset their passwords. The second email was sitting in our mailbox this morning and was something of a surprise. The wording differed from the first email in that it only mentions the loss of user IDs and encrypted passwords. The first email informed us that our credit/debit card information was also likely compromised.

The question now is, has Adobe been hit with another attack or is the original attack much wider than they originally thought. Our thoughts are that the original estimate of 2.9 Million users was low and Adobe is just beginning to understand the full effect of the original breach. It is also very likely that the attackers were Adobe’s systems well before they were discovered. We have seen this pattern more than once in the recent past and it is possible that the same thing happened here.

October 4th Email October 9th Email
first email second email

 

Another and much more frightening possibility is that the attackers left other doors to re-access Adobe’s servers at a later date that Adobe has not been able to find yet. This is also another new pattern where the individuals responsible for an attack will make sure they can continue to exploit servers simply by deploying malware that gives them control over the network. One defense contractor was embarrassed like this for over five years by a Chinese hacker group.

It is a sad state of affairs when you are only hoping that a company simply missed that your information was compromised, but then again this is a perfect example of why forcing people into the cloud without proper preparation and security it a bad idea. We will continue to monitor the situation and see if we can get more information out of Adobe on the subject. For now if you have an Adobe Creative Cloud account we highly recommend you change your password and keep a close eye on whatever card you are using to pay for the applications and services.

Tell us what you think in our Forum

 

No comments

Leave your comment

In reply to Some User