Adobe Hacked: Almost 3 Million Accounts Compromised 256
sl4shd0rk writes "Adobe Systems Inc. is expected to announce today that hackers broke into its network and stole source code for an as-yet undetermined number of software titles, including its ColdFusion Web application platform, and possibly its Acrobat family of products. The company said hackers also accessed nearly three million customer credit card records, and stole login data for an undetermined number of Adobe user accounts."
Re:Couldn't have happened... (Score:3, Interesting)
I, for one... (Score:5, Interesting)
Re:3 million? (Score:5, Interesting)
ColdFusion is built on JRun which is the most miserable POS Java servlet container conceived by the mind of man.
Since the source code is out maybe it will get some bug fixes.
Re:No cloud for you! (Score:5, Interesting)
This is the same company that wants you to rely on their security as the only way to their products now that they only rent a cloud based versions of Acrobat Suite.
This.
I was actually on the verge of buying some of their stuff just a week ago. Decided against it when I found out they don't sell standalone versions anymore.
Re:Interesting Quote (Score:5, Interesting)
Worse. The source code included the required NSA backdoor. Now requiring to insert backdoors to manufacturers will lead to the logical consequence
We live in a society that, as Bill Hicks noted, is at about an eighth-grade emotional level collectively (he was being generous). Few people acknowledge the logical consequence, and seem to believe it magically goes away if they really, badly, truly wish hard enough or get upset enough.
I suspect the government understands the situation, however. Malicious attackers and other criminals exploiting mandatory backdoors only provides an excuse for more laws regulating the Internet and expanding executive powers. To protect you from those evil hackers, of course. If nothing else, the NSA gets their little back-door so they can more easily betray their own countrymen in the name of safety; if that goes wrong in the worst possible way, then: bonus! For the evil men who love power and know no loyalty, it's a win-win. Sadly.
Adobe != security (Score:5, Interesting)
At my work, they require us to take annual security training ... and this year, I flat out refused to take it from any of my systems ... because I had to install flash & turn on java in my web browser. I had to go to the 'training center' to take it from one of the machines there.
... not a week later, the first of the 2013 Flash vulnerabilities was announced ... then a couple of weeks later, another one ... then the Java one ...
Then I was told that I had to take the 'advanced security' training ... what was the recommendation? to turn off flash & java in your web browser.
ah, the irony.
Use pre-paid credit card (Score:0, Interesting)
If you don't trust a company's security systems, then for smaller purchases from that company, use a pre-paid anonymous credit card. Don't attach any personal information to the card by registering it.
You can also use a pre-paid anonymous credit card at gas stations, restaurants, etc. where you don't feel comfortable giving them your regular credit card.
It costs a little more than using your regular credit card, and record-keeping for tax purposes is a little more trouble, but you'll be safer.
Re:See... this is why I torrent cracked versions. (Score:5, Interesting)
Especially when the break in was prior to the 17th of September and they didn't notify customer until another customer noticed Adobe source code floating around the internet October the 13th. It would seem if an outside company had not discovered the evidence of the breach Adobes customers would never have been warned that their log in details and credit card details had been stolen. Oh but the credit card details still maybe might secure because they were encrypted and those that could hack the system (likely ex-insiders and outsourcers) maybe might not have passwords for the encryption even though they had passwords for everything else.
It seems like Adobe needs to be answering some very serious question in a court of law as to why that information was withheld from customers for so long.