Security Alert: Adobe Compromise

By gTIC ·

Adobe Inc. posted a public disclosure on October 3, 2013, that they had been compromised by sophisticated attackers and that customer information along with source code for numerous Adobe products had been exposed.

Adobe's Announcement

The public announcement came after security researchers Alex Holden and Brian Krebs initially identified exposed code from Adobe and contacted the organization. Mr. Krebs discloses that responses to the communications include identification that Adobe has been investigating a breach into its network since mid-September 2013.

Customer Information

The number of customers currently identified is approximately 2.9 million with potential exposure of customer name, encrypted credit/debit card numbers, expiration dates and other information related to customer orders.

Adobe is reaching out to customers that have been identified as being impacted - those with credit/debit information exposed - and offering the option of enrolling in a one-year, complimentary credit monitoring membership (where available). Adobe is also resetting relevant customer passwords and notifying impacted customers via email. An additional recommendation made by Adobe is to reset any online account that may use the same user ID and password.

FishNet Security recommends that all customers review their account credentials and information along with modifying their password for the Adobe website. If you use the same password at any other website, it is recommended that those passwords be modified as well with different passwords being used for each location.

Additionally, all customers should review charges to their credit/debit cards on a regular basis. Many credit/debit card providers include the ability to actively monitor cards and send basic transaction information to a contact. This solution is recommended for personal cards that may have been used on the Adobe website.

Source Code

Adobe has addressed the unauthorized access to source code for multiple products in the following release:

Adobe's Announcement on Source Code Access

While Adobe is down-playing the potential for malicious actions that may result from the exposure of the source code, the potential of new vulnerabilities being identified could be potentially high based on what source code was exactly exposed.

Adobe does have planned security updates for October 8, 2013. It is recommended that organizations include these updates within their standard patching programs, and that organizations monitor Adobe’s Security Bulletins and Advisory website on a regular basis for any emergency patches that may be triggered based on the reported events or other malicious activities. Organizations should also monitor their environment for uncommon connections and invalid Adobe Update executables.