Brad Arkin, Adobe's chief security officer, wrote in a blog spot that the hackers had removed data including encrypted credit- and debit-card numbers, but that the company does not believe any decrypted numbers were taken.
Arkin wrote that the hackers "removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders,". He also said, “The hackers also took source code for a number of Adobe products. “ and he added that "We're working diligently internally, as well as with external partners and law enforcement, to address the incident,"
Brian Krebs, author of the respected security blog Krebs on Security, wrote that the attackers appeared to be the same group responsible for attacks earlier this year on data aggregators LexisNexis, Kroll and Dun & Bradstreet.
Adobe said that it is resetting passwords for the customer accounts it believes were compromised and that those customers will get an email alerting them to the change.
Customers whose debit or credit card information is supposed of being retrieved, Adobe is offering a free one-year subscription to a credit-monitoring programmer.
At last, the company said it had notified law enforcement officially and is working to identify the hackers.
No comments:
Post a Comment