Adobe security breach worse than originally thought

Adobe Systems Inc said on Tuesday that the scope of a cyber-security breach disclosed nearly a month ago was far bigger than initially reported, with attackers obtaining data on more than 38 million customer accounts. When Adobe announced the breach on October 3, it said that attackers stole user names and encrypted passwords for an undisclosed numbers of users, along with encrypted credit or debit card numbers and expiration dates for 2.9 million customers.

In addition to the account details, portions of the source code for Photoshop, Acrobat, Reader, and ColdFusion were also taken. Some of the source code and account information has reportedly been posted online since the data breach. The source code for Photoshop appears to be unencrypted, while the account passwords are protected by encryption.

"So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid) encrypted passwords for approximately 38 million active users," Adobe spokeswoman Heather Edell said. "We are still in the process of investigating the number of inactive, invalid and test accounts involved in the incident."

Active Adobe users affected by the breach should have received a notification from the company by now, prompting them to change passwords. As always, users can employ several strategies to keep their data safe, such as setting different passwords on each site or setting up a password manager.

Read more -here-

• Dropbox breach exposes customer credentials, authentication data
• Google: Passkey authentications top 1 billion across 400 million accounts
• FTC fines Razer for misrepresenting COVID masks as N95s
• FCC fines Verizon, AT&T other major carriers nearly $200 million for sharing customer data
• Federal regulators accuse Amazon executives of deleting messages
• FCC restores net neutrality rules