Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe Hacked: Almost 3 Million Accounts Compromised

Posted by samzenpus on from the breaking-in dept.

sl4shd0rk writes "Adobe Systems Inc. is expected to announce today that hackers broke into its network and stole source code for an as-yet undetermined number of software titles, including its ColdFusion Web application platform, and possibly its Acrobat family of products. The company said hackers also accessed nearly three million customer credit card records, and stole login data for an undetermined number of Adobe user accounts."

12 of 256 comments (clear)

  1. See... this is why I torrent cracked versions. by hawks5999 · · Score: 5, Funny

    It's too risky to give your credit card number to a company like Adobe.

    1. Re:See... this is why I torrent cracked versions. by Em+Adespoton · · Score: 5, Informative

      In related news, it turns out Adobe will give you some sort of software if you give them a credit card number. What a crazy business model!

      Not for long... their new business model is that they will let you have access to their cloud if you give them a credit card number, and keep paying them regularly.

    2. Re:See... this is why I torrent cracked versions. by rtb61 · · Score: 5, Interesting

      Especially when the break in was prior to the 17th of September and they didn't notify customer until another customer noticed Adobe source code floating around the internet October the 13th. It would seem if an outside company had not discovered the evidence of the breach Adobes customers would never have been warned that their log in details and credit card details had been stolen. Oh but the credit card details still maybe might secure because they were encrypted and those that could hack the system (likely ex-insiders and outsourcers) maybe might not have passwords for the encryption even though they had passwords for everything else.

      It seems like Adobe needs to be answering some very serious question in a court of law as to why that information was withheld from customers for so long.

      --
      Chaos - everything, everywhere, everywhen
    3. Re:See... this is why I torrent cracked versions. by Anonymous Coward · · Score: 5, Funny

      As the article says. They'll also give your credit card to anyone else who asks their computer nicely for it too...

  2. PDF Exploit? by Statecraftsman · · Score: 5, Funny

    What are the odds this attack didn't involve a pdf exploit?

    1. Re:PDF Exploit? by fuzzyfuzzyfungus · · Score: 5, Funny

      If you upgrade to a suitably new version of Acrobat, you can put your flash exploits inside your exploit PDF. Totally worth the license fee.

  3. Dayamn! Thjs is big! by PerlPunk · · Score: 5, Insightful

    This is big news. Expect untold exploits for the Adobe technology stack to emerge out of this. If someone or some group is determined to run Adobe into the ground, they are off to a good start.

    1. Re:Dayamn! Thjs is big! by tech.kyle · · Score: 5, Insightful

      Expect untold exploits for the Adobe technology stack to emerge out of this.

      This. This is why people should be concerned. Open source programs have their code exposed to everyone, including those with malicious intent, and are therefor "battle hardened" for security. Closed source programs live a sheltered life and having that source suddenly available means those with malicious intent can use Adobe's relatively weak source code to develop new exploits for clients. Lots of them.

      Adobe is a household name that users couldn't get rid of if they wanted to. Flash, for example, is on nearly every internet-connected PC. This is a problem for everyone.

      --
      If we colonize Mars, it won't be the World Wide Web anymore. UWW?
  4. Re:First post! by K.+S.+Kyosuke · · Score: 5, Funny

    Your post looks photoshopped. Yep, definitely. The reflections are all wrong.

    --
    Ezekiel 23:20
  5. Re:3 million? by the+eric+conspiracy · · Score: 5, Interesting

    ColdFusion is built on JRun which is the most miserable POS Java servlet container conceived by the mind of man.

    Since the source code is out maybe it will get some bug fixes.

  6. Code analysis by kav2k · · Score: 5, Funny

    So, let me recap.
    Adobe just lost the source code to one of the most exposed attack surfaces known for vulnerabilities?
    That'll be one hell of a peer review.

  7. Adobe != security by oneiros27 · · Score: 5, Interesting

    Adobe must be the one company in the world to have a worse track record at security than Microsoft, Oracle or Mozilla.

    At my work, they require us to take annual security training ... and this year, I flat out refused to take it from any of my systems ... because I had to install flash & turn on java in my web browser. I had to go to the 'training center' to take it from one of the machines there.

    ... not a week later, the first of the 2013 Flash vulnerabilities was announced ... then a couple of weeks later, another one ... then the Java one ...

    Then I was told that I had to take the 'advanced security' training ... what was the recommendation? to turn off flash & java in your web browser.

    ah, the irony.

    --
    Build it, and they will come^Hplain.