Adobe took to their blog to discuss an important security announcement for their customers. The company began with an explanation of cyber attacks against companies. While the information provides a wealth of knowledge, the underlying factor was exposed. Adobe has not disclosed the specific source code, but has advised a source code has been compromised. This compromise has now placed 2.9 million customers and their personal information in jeopardy. The hack, states security experts, possibly is not the biggest concern- the bigger concerns resides with the acquisition of the source code. The code may hold more information into the flaws of Adobe and security measures.
The information possibly in jeopardy includes login, credit card information and, of course, the source code. A source code operates as blueprint for many of Adobe’s titles- extending possibly into Acrobat. Adobe is proactively reaching out to customers to change their password information and advising credit card companies to alert Adobe in case of information that indicates a potential breach.
Cyber security journalist Brian Krebs discovered the level of stolen data with Alex Holden of Holden Security, LLC. Krebs states while there is concern about the closed source code retrieval, he has no concern about the hackers reaching into the Adobe software ecosystem. Experts in the field feel security concerns can extend far beyond the 2.9 million customers already compromised. Krebs believes there was a darker intent for the recovery of the code.
Krebs states the code can be sold by hackers to the highest bidder. That leads, of course, to a web of issues that can create serious reconsideration pertaining to Adobe’s mainframe if passed to a skilled enough individual or group. Acquiring the information can lead to a great concern of transferring money by using sensitive data to confirm bank account information. Or be used to access security coding for the software for the company, especially tech-rich companies.
There has been a rising level of sophisticated targeted attacks. In July, the tech industry and media outlets discussed several hacking individuals that are solely looking to compromise information and to sell it off for an extensive amount of money – the original story was developed by the New York Times. The data lifted from several companies leads to a possible dark path of stealing money or additional items from the customers. Krebs states similar hacks were placed against LexisNexis, Dunn & Bradstreet and Kroll Background America. Cyber attacks as of late, have hit media outlets and even tech giants like Apple.
Cyber attacks have been on the rise and the reach of it does not start or stop with corporations. Government, universities, large corporations and even overseas agencies have undergone a significant rise in attacks. This could be due to the expansion of companies like ReVuln, as reported across tech media outlets. These companies make their substantial living by reviewing vulnerabilities for/into companies and government agency databases. Once the information is acquired, it is suggested from previous sources, they turn to their quiet marketplace to sell the vulnerability. Reportedly, the NSA has been a buyer of these private, in the gray, companies.
Now, Adobe is the latest victim in this game, that remains far from entertaining regarding the customer base it affects. Adobe advises all customers they are taking the breach seriously and reaching out to advise all customers to change their passwords immediately. They are working with business partners to make sure information remains encrypted. 2.9 million customers were affected by the hack Adobe experienced. It is recommended to follow any procedures Adobe may pass along to ensure restoration of security. Now Adobe and their security team wait in anticipation of any other security breaches.
Exodus Intelligence was mentioned in this article per sources received, new information from VP of operations has amended that previous claim. Due to conflicting information, I withdraw the company name from the article. Exodus Intelligence assists clients in protecting their data and information and uphold ethics to the highest levels. Visit their site for more information: Exodus Intel– updated 10/10/2013