Adobe just reported that the company has been the target of a major cyber attack. Their security team discovered “sophisticated attacks on their network, involving the illegal access of customer information as well as source code for numerous Adobe products.”

The security team believed that the attackers got hold of the Adobe customer IDs, encrypted passwords, encrypted credit card/debit card numbers, and expiration dates of around 2.9 million Adobe customers. They also believed that the attackers did not remove decrypted credit or debit card numbers.

As a precaution, Adobe are taking the following steps:

  • As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
  • We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
  • We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
    We have contacted federal law enforcement and are assisting in their investigation.

It remains to be seen what are the long-lasting consequences that can result from this incident, but as a current Creative Cloud customer, I am worried about this attack. It does remind me that in today’s world, a lot of our sensitive information are floating online and even companies as big as Adobe are not immune to cyber attacks. It is worth to note that Adobe does not specify that only Creative Cloud customers are affected, so even those who are still using CS6 or older may have their sensitive information compromised.

You can read the rest of Adobe’s Press Release on Adobe’s Blog.

So what are your thoughts on this situation?