NEWS - October 04, 2013
by Carol~ - 10/4/13 8:46 AM
Adobe To Announce Source Code, Customer Data Breach
October 3, 2013
Adobe Systems Inc. is expected to announce today that hackers broke into its network and stole source code for an as-yet undetermined number of software titles, including its ColdFusion Web application platform, and possibly its Acrobat family of products. The company said hackers also accessed nearly three million customer credit card records, and stole login data for an undetermined number of Adobe user accounts.
KrebsOnSecurity first became aware of the source code leak roughly one week ago, when this author — working in conjunction with fellow researcher Alex Holden, CISO of Hold Security LLC — discovered a massive 40 GB source code trove stashed on a server used by the same cyber criminals believed to have hacked into major data aggregators earlier this year, including LexisNexis, Dun & Bradstreet and Kroll. The hacking team's server contained huge repositories of uncompiled and compiled code that appeared to be source code for ColdFusion and Adobe Acrobat.
* * * * * * * * *
Adobe Breached, Acrobat and ColdFusion Code Stolen Along with 2.9M Customer Records
October 4, 2013
Attackers accessed customer IDs, encrypted passwords as well as source code for a number of Adobe products, Adobe chief security officer Brad Arkin announced.
Arkin said Adobe is working with law enforcement on the breach in which attackers accessed source code for Adobe Acrobat, ColdFusion, ColdFusion Builder and possibly other Adobe products.
"Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident," Arkin said in a statement.
Arkin called the attacks on the Adobe network "sophisticated," and that information on 2.9 million customers was removed from the company's machines, including customer names, encrypted credit and debit card numbers, expiration dates and other information used in customer orders.
Continued : http://threatpost.com/adobe-breached-acrobat-and-coldfusion-code-stolen-along-with-2-9m-customer-records/102522
Reactions from the security community to the Adobe breach
Adobe source code and customer data stolen in sustained network hack