No doubt if you are an Adobe account holder, you must have been following the developments of the whole hacking saga. Not to mention living in constant fear that your next product update could lead you into a world of cyber hurt. As it turns out, Adobe’s original figure of 2.9 million affected user accounts was not entirely accurate. To be fair they didn’t exactly lie either.
So Adobe was originally quoted as saying that 2.9 million user (or 2.8 million. Or even 3 million, depending on which article you read) ID’s were compromised. They are now clarifying that to say that those 2.9 million (or 2.8, or 3 million) user ID’s had their names, encrypted credit card numbers and expiration dates swiped by the hackers. Poor form Adobe..poor form.
However the latest information to surface is that an additional 38 million users (yes 38 MILLION!!) have had their ID’s and encrypted passwords stolen. This is a mixture of what Adobe quotes as “Active” and “Inactive” users. They are currently in the process of contacting the Inactive users to update necessary information and spin you a PR story of how valuable you are blah, blah, blah. The Active users have already been communicated to.
To add insult to injury, www.anonnews.org, posted a large list of “usernames and hashed password pairs” over the weekend, and these are believed to be Adobe account details. But it only gets worse.
The real kick to the pancreas is that it now appears that some of that source code that was hijacked seems to include code from Photoshop. Mary, Martha, Luke and John!!! Take a look at the blog post from KrebsOnSecurity for more info.
Should we be proactive and do a review on the latest edition of CorelDraw?