According to Reuters, Adobe Systems said that hackers stole some of source code of its most popular software and millions of users’ data. Security experts worried about theft of the source code, because the confined review on the software will result in discovering new vulnerabilities that can be used to launch an attack difficult to detect.
Adobe said the hacker gained source code of Adobe Acrobat, ColdFusion and ColdFusion Builder. The company’s chief security officer Brad Arkin said that since the incident happened two weeks ago, they have been investigating the invasion , and there are no indications that hackers use the stolen source code to launch attacks.
Akin said that hackers stole 2.9 million Adobe customers’ information, including name, user ID and encrypted password, and payment card numbers. He believes that these attacks may be associated with each other. The company said it will reset passwords for customers worldwide who are affected by this issue, and to remind them to change the reusable passwords used on other sites. The response team of computer incident issue of US Department of Homeland Security said on Thursday, Adobe user should be careful not to be taken in.
Adobe said it is working with banks and federal law enforcement agencies to resist the invasion to customer accounts and to investigate the responsibility of these acts.
Large-scale disclosure of user information will cause more immediate threat on information security. Since this information including user names, bank card account numbers, passwords and other sensitive information. Therefore, in addition to the chance that real or virtual property will be stolen, they may be used to conduct phishing attacks which will cause more threats against users information security.
Users need to be aware of and guard against the threat caused by this issue, if you are a member of Adobe, please change your password. If you use the same password on other sites, you need to modify. If you use of login your credit or debit card in Adobe, please note whether there is unknown cards consumption.
Enterprises that hold customers personal information can’t pay too much attention to data security, since customers give their information to you out of trust, once you disclose the data to others and let the customers know that, they will never trust you. For enterprises which have customers’ information, complete data security solutions, such as server encryption, shared folder protection are necessary.