Back on October 4th and 7th, I wrote about the hackers who had gotten into the customer Adobe files (see, “Top 5 Things to Know About Abobe Hacking” and “Alert! Adobe Hacking Update”).
When the breach was first reported, Brad Arkin, Adobe’s Chief Security Officer, estimated there were around 2.9 million Adobe customers whose Adobe IDs, names, encrypted passwords, encrypted credit and/or debit card numbers (and expiration dates) along with order details had been hacked. That now seems like a vastly underestimated number.
Anna Brading just reported that the final number is 38 million active Adobe customers (see, nakedsecurity.sophos.com; “Adobe breach THIRTEEN times worse than thought”). Ms. Brading’s report is based on an announcement by Heather Edell, an Adobe spokesperson. In her announcement, Ms. Edell says that Adobe has finished its investigation during which it identified the 38 million Adobe customers with active accounts who were affected. Ms. Edell says those customers have already been contacted and that Adobe is now investigating whether any inactive Adobe customer accounts were hacked.
This is a “heads up” to Adobe customers — keep an eye on your credit and debit card bills and other financial account statements. Remember to change passwords and don’t use the same one for multiple accounts. Do check the Adobe website for further updates.