Data stolen from Adobe customers in security breach

Adobe has suffered a security breach that has resulted in customer information being stolen.

The cyber security breach saw customers’ names as well as credit and debit card numbers and expiration dates being accessed.

"We deeply regret that this incident occurred," said the company in a statement on its website.

Adobe is resetting passwords for accounts that it believed were compromised. Customers will be contacted via email alerting them to their account changes.

"Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems," said Brad Arkin, chief security officer at Adobe.

Arkin said he did not believe the attackers had removed decrypted credit or debit card numbers from its systems.

So despite encrypted information being viewed by the hackers, decrypted card details were not removed from the system.

As the sophisticated attacks breached such complex cyber defence, federal law enforcement has been alerted.

Following the Adobe hack revelation, Jeremiah Grossman, CTO WhiteHat Security tweeted: "The guys who hacked the National White Collar Crime Center used a ColdFusion exploit, too." He continued, "Is it possible Adobe was the first target in the victim chain?Speculating – attackers used the ColdFusion source to [0day] exploit primary targets."

Dwayne Melancon, CTO of Tripwire commented: "The fact that the breach involves source code for creating web content should be concerning for Adobe and its customers, as it may enable the attackers to tamper with others’ production web sites. Fortunately, Adobe has already published hardening guidelines to help reduce the risk of this happening.

"This breach is rumored to have been perpetrated by the same attackers that compromised LexisNexis and a number of other organisations, so they likely used the same techniques. That means the attackers planted a rogue executable on the targeted systems and used that to create a command & control channel back to the attackers.

"These breaches underscore the importance of continuously monitoring your systems for suspicious changes, verifying any unrecognied programs on your systems, and establishing strong foundational controls so you can tell ‘good’ from ‘bad’ in your production environment – and to prepare before something bad happens, rather than after the damage has already been done," he said.