In early October, Adobe confirmed that cyber attackers hit the company hard, with the exploit leading to data on nearly 3 million customers being compromised. Besides 2.9 million Adobe IDs and passwords being stolen, full customer names, encrypted credit/debit card numbers, and expiration dates were also compromised for many of the customers.
Additionally, "source code for numerous Adobe products" was also stolen in the attacks.
It appears now that that original number was just the tip of the iceberg. The data breach has impacted at least 38 million users, the company now confirms, and the source code leak now includes the company's extremely popular Photoshop family of products.
AnonNews posted a 3.8GB file over the weekend including 150 million username and hashed password pairs taken directly from Adobe.
Adobe, for their part says they have not seen any unauthorized activity on any Adobe ID that has been stolen: "So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users. We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident--regardless of whether those users are active or not."
The company also notes that it expects many of the pairs taken were for invalid, inactive and test Adobe IDs.
It appears now that that original number was just the tip of the iceberg. The data breach has impacted at least 38 million users, the company now confirms, and the source code leak now includes the company's extremely popular Photoshop family of products.
AnonNews posted a 3.8GB file over the weekend including 150 million username and hashed password pairs taken directly from Adobe.
Adobe, for their part says they have not seen any unauthorized activity on any Adobe ID that has been stolen: "So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users. We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident--regardless of whether those users are active or not."
The company also notes that it expects many of the pairs taken were for invalid, inactive and test Adobe IDs.
