Adobe uh-oh: Hackers steal 3 million credit cards, source code; Flash, Acrobat users impacted

adobelogo300wYou know those annoying reminders you keep getting from Adobe to update your Acrobat or Flash software? Now would be a good time to pay attention to them.  Brian Krebs at KrebsOnSecurity.com discovered last week that computer criminals had gained access to Adobe’s servers and stole a treasure trove of data from the firm. Credit card data belonging to roughly 3 million consumers was taken, though it was encrypted. But more important, hackers stole the source code for many Adobe products, meaning they have an incredible leg up in the race to find software flaws that can be exploited.

Source code is the key to finding so-called “zero-day” exploits — software flaws that are unknown to the rest of the world, and unpatched, so they can be exploited at will.

Adobe software is ubiquitous, on almost every personal computer and work desktop. The potential consequences are enormous.

(Don’t miss a story! Subscribe to my newsletter at http://BobSullivan.net/newsletter)

“This opens up organizations and consumers to major threats,” said George Tubin, senior strategist at Trusteer, a security firm owned by IBM. “Having access to the source code provides attackers with the opportunity to uncover new unknown vulnerabilities and develop malware that exploits these vulnerabilities. With organizations being unable to detect and patch for these unknown vulnerabilities, every time an employee opens a PDF or a Flash movie, the organization is at risk of a breach of its sensitive and proprietary information.”

Adobe said it plans to release a major security update on Oct. 8.  You’d be wise to install it ASAP. I’ll remind you.

Adobe’s statement about the attack is here.

 

About Bob Sullivan 1318 Articles
BOB SULLIVAN is a veteran journalist and the author of four books, including the 2008 New York Times Best-Seller, Gotcha Capitalism, and the 2010 New York Times Best Seller, Stop Getting Ripped Off! His latest, The Plateau Effect, was published in 2013, and as a paperback, called Getting Unstuck in 2014. He has won the Society of Professional Journalists prestigious Public Service award, a Peabody award, and The Consumer Federation of America Betty Furness award, and been given Consumer Action’s Consumer Excellence Award.

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.