Adobe_Systems_logo_and_wordmark.svg_

Adobe Website Hacked, Millions of Passwords Stolen

Nov 06, 2013 By Sharon Solomon

Web hacking was considered an ostracized field just a few years ago. These days it’s a subculture, with more and more average programmers learning the basics of the trade and pulling off impressive “conquests”.

Facebook, Twitter, and LinkedIn are under constant attack, but commercial websites with the sensitive information are where the hardcore hackers like to ply their trade.

The latest website to enter the victim list is Adobe, a powerful international company with millions of registered customers. A 9.3 gigabyte file containing all the stolen information was posted on the net by the hackers. People’s private emails, passwords, and addresses were stolen in this latest raid. The intruders also exposed source codes of Adobe programs.

“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers and other information,” Brad Arkin, Adobe’s chief security officer, wrote in an official release.

The severity of the breach was magnified when the user’s password choices and preferences were exposed. Tens of thousands of users chose surprisingly simple and repetitive passwords, illustrated by the top 20 list:

  1. 123456
  2. 123456789
  3. password
  4. adobe123
  5. 12345678
  6. qwerty
  7. 1234567
  8. 111111
  9. photoshop
  10. 123123
  11. 1234567890
  12. 000000
  13. abc123
  14. 1234
  15. adobe1
  16. macromedia
  17. azerty
  18. iloveyou
  19. aaaaaa
  20. 654321

Adobe has refused to comment on the released password lists, but has duly suspended all activity on affected user’s accounts till they change their passwords. Users and members are advised to visit the Help Pages on the Adobe website for more support. Twitter user hilare_belloc has also created the adobe.cynic.al, where all Adobe customers can check if their information has been compromised.

With rumors talking about Adobe hiding the real number of compromised passwords, it’s highly recommended that all internet users use strong passwords and also change them once in a few months. With the clever hacking technology and lack of investment in internet security, the Adobe breach will probably not be the last to be reported this year.

Adobe Customer Security Update

Adobe Customer Service Alert

 

The following two tabs change content below.

Sharon Solomon

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Get a Checkmarx Free Demo Now

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.