
Adobe Customer Data and Software Source Code Breach

Release Date: 7 Oct 2013

HKCERT is aware of the announcement Adobe made on its blog on 3rd October, which revealed that the source code of multiple Adobe products, including ColdFusion, ColdFusion Builder and Acrobat, had been stolen by hackers, and that the hackers had also removed from Adobe’s systems the data of 2.9 million customers, containing customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. HKCERT advises the public to pay attention to the development of the incident and to beware of potential phishing emails from fraudsters.

Adobe said that the investigation into the theft of the source code was still ongoing, but confirmed that, after close examination, the source code of the ColdFusion products released after the incident had not been contaminated. Adobe is not aware of any zero-day exploits targeting any Adobe products either. For the affected 2.9 million customers, Adobe had notified the relevant banks and law enforcement to monitor the accounts of the affected credit cards. The 2.9 million customers have had their account passwords reset and will receive notification emails reminding them to set a new one.

HKCERT has the following assessment on the incident:

  1. It is reported that the leaked credit card and debit card information was encrypted, so hackers cannot use it directly.
  2. Adobe has not only contacted the related banks and local law enforcement, but also offers a one-year complimentary credit monitoring service on customers’ request. These measures can aid in discovering fraudulent use of credit card information.
  3. Adobe has reset the relevant customer account passwords to prevent hackers from using the accounts to conduct illegal actions.
  4. The illegal access to the source code of the Adobe products may help hackers study and discover vulnerabilities, posing a long-term threat to the security of the affected products. The scope of the information in the stolen source code relating to security mechanisms and encryption algorithms of the Adobe products has yet to be determined, pending further information from Adobe.

Regarding the incident, HKCERT has the following advice:

  1. If you receive an email notification from Adobe, please examine the email carefully to avoid being redirected to a phishing website and leaking your password. Do not click on any links provided in the email. Instead, change your password by directly visiting and logging on to Adobe’s web site.
  2. Users are advised to use different passwords for different online services. If possible, two-factor authentication should be used.
  3. Users should closely follow the updates of Adobe products. Adobe should be fixing the vulnerabilities resulting from the source code leakage in the security updates on 8th October and afterwards.
  4. Users of Adobe ColdFusion should read the ColdFusion Lockdown Guide to harden the security of ColdFusion.
  5. Stay tuned for further updates on the Adobe breach incident.

Reference:
Adobe: Important Customer Security Announcement
http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html

KrebsOnSecurity: Adobe To Announce Source Code, Customer Data Breach
http://krebsonsecurity.com/2013/10/adobe-to-announce-source-code-customer-data-breach/