This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.bbc.co.uk/news/business-24392819

The article has changed 4 times. There is an RSS feed of changes available.

Version 0 Version 1
Adobe reveals customer data stolen in security breach Adobe in source code and customer data security breach
(about 14 hours later)
Adobe has warned that 2.9 million customers might have had their information stolen during a cyber attack on the company's website. Adobe has confirmed that 2.9 million customers have had private information stolen during a "sophisticated" cyber attack on its website.
Stolen information includes customer names, encrypted credit or debit card numbers, and expiration dates. The attackers accessed encrypted customer passwords and payment card numbers, the company said.
Adobe said it believes that the attackers did not remove decrypted debit or credit card information. But it does not believe decrypted debit or credit card data was removed.
"We deeply regret that this incident occurred," said the company in a statement on its website. Adobe also revealed that it was investigating the "illegal access" of source code for numerous products, including Adobe Acrobat and ColdFusion.
Hackers might have had access to credit information after stealing user IDs and encrypted passwords. "We deeply regret that this incident occurred," said Brad Arkin, Adobe's chief security officer.
Adobe said that it is resetting passwords for the customer accounts it believes was compromised, and that those customers will get an email alerting them to the change. "Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident," he said.
It is also recommending that customers affected change their passwords and user information for other websites for which they used the same ID as a precaution. But Chester Wisniewski, senior adviser at internet security company Sophos, told the BBC: "Access to the source code could be very serious.
For those customers whose debit or credit card information is suspected of being compromised, Adobe is offering a complimentary one-year subscription to a credit-monitoring programme. "Billions of computers around the world use Adobe software, so if hackers manage to embed malicious code in official-looking software updates they could potentially take control of millions of machines.
Finally, the company said it had notified law enforcement officials and is working to identify the identity of the hackers. "This is on the same level as a Microsoft security breach," he added.
Adobe said that has noticed an uptick in cyber attacks recently, noting that attacks have now become one of the "unfortunate realities of doing business today." Adobe said it had been helped in its investigation by internet security journalist Brian Krebs and security expert Alex Holden.
It also said that the source code of numerous Adobe products may have been compromised. The two discovered a 40GB cache of Adobe source code while investigating attacks on three US data providers, Dun & Bradstreet, Kroll Background America, and LexisNexis.
Mr Krebs said the Adobe code was on a server he believed the hackers used.
Compromised
Adobe said that it is resetting passwords for the customer accounts it believes were compromised, and that those customers will get an email alerting them to the change.
It is also recommending that, as a precaution, customers affected change their passwords and user information for other websites for which they used the same ID.
For those customers whose debit or credit card information is suspected of being accessed, Adobe is offering a complimentary one-year subscription to a credit-monitoring programme.
Finally, the company said it had notified law enforcement officials and is working to identify the hackers.