Between Flash and PDF Reader alone, Adobe is ubiquitous on today’s desktop. Have you ever registered for an Adobe product? If you have, you should seriously consider changing your password. If you are like most people, who use similar passwords and usernames across their personal accounts, you might consider changing all of your passwords.
On October 3rd, Adobe announced that they were the victims of one of the most significant data breaches in history. Personal data for nearly 2.9 million of their customers had been stolen, including credit card data. That alone put it in the hall of fame of breaches.
But it gets worse.
Yesterday, Adobe announced that an additional 35 million customer data records were included in the breach. They hastened to add that these records do not include credit card data, but personal information that includes user names and passwords can be a goldmine to hackers.
The passwords were encrypted, but that is usually not enough to stop determined hackers. Adobe reset all current passwords and published a security alert with help for affected customers. They wisely advise customers to update their passwords to one that they have not used before and to beware of phishing email scams that pretend to be a reset message from Adobe. Such scams trick victims into revealing their user names and passwords by taking them to a fake web site that looks like the real company and its login or password reset page.
It is very important to understand this is not just about access to your account with Adobe. Increasingly, hackers are taking a highly targeted approach to their attacks. Borrowing from the techniques of “Advanced Persistent Threats” pioneered by nation states, hackers will target very specific individuals to gain access to their organization’s network or to dupe them into a financial fraud.
The information stolen from Adobe can be a gold mine for APT attacks. Many, if not most, people reuse the same user names and passwords, often with a pattern for varying passwords when they require a change. The bad guys may just be able to derive your online bank login based on your Adobe account credentials.
The Adobe security alert leaves off another aspect of the breach that is also quite troubling. Hackers, presumably part of the same operation, also stole the source code for several of Adobe’s major products, including PDF viewer and Photoshop.
Why would hackers want source code and why should I care? I’m glad you asked me that!
Hackers can use the source code for two purposes. With some products, most prominently Adobe Flash, hackers look for vulnerabilities in the software that they can exploit to spread Trojans and take over computers. They can also use the source code to spread faux versions of the software that are in fact.
One final thought on this mess.
Companies like Adobe work hard to protect their networks and their data, so breaches are relatively rare. However, when they occur they are bad.
Consider this: in a paper-based world, this much data would fill a large storeroom with dozens of filing cabinets. It would be tough to sneak out the door with all of that data. You would need a truck to move it all.
However, the stolen file was a “mere” 3.8GB, easily copied using a USB thumb drive! This means that no matter how hard organizations work to shut the door on hackers, the hackers will work even harder. If they can pry that door open, they will drive a truck through it!