November 15, 2012
Adobe Servers Compromised, 150,000 Records Leaked
Michael Harper for redOrbit.com — Your Universe Online
Adobe is the latest to have their databases compromised as an Egyptian hacker has posted links to records of employees from Adobe as well as NASA and the US Military. The hacker, who goes by the name “Hima,” said he had hacked into Adobe´s server to gather these records before posting them on Pastebin. All told, Hima claims to have obtained the records for 150,000 Adobe clients and employees.
Adobe has acknowledged this compromise in a blog post, saying the Connectusers.com forum database was the target of this attack.
“At this point of our investigation, it appears that the Connectusers.com forum site was compromised by an unauthorized third party,” reads the blog.
“It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted.”
According to the New York Times, Hima had specifically chosen Adobe in his attack to highlight their “slow response time.”
Hima said he alerted Adobe about his attack shortly thereafter to test their timing. Hima has also complained that the company often took up to a week to respond to other vulnerability reports and take even longer – 3 to 4 months – to patch these security holes.
“Such big companies should really respond very fast and fix the security issues as fast as they can,” said Hima in a message he posted along with the dump of Adobe´s records.
Adobe seems to be reacting quickly to this attack, taking down ConnectUsers.com forum sites just hours after reports of the compromise began to circulate. The company has also began to reset the passwords of those affected by this breach. Adobe says they will begin reaching out to these customers to walk them through the process of setting up a new password and plan to restore the site as soon as they can.
The records stolen and posted by Hima contain a slew of information about the customers: names, company affiliation, email addresses, job titles, phones numbers and even usernames were distributed as a part of this leak. Passwords associated with these usernames were also leaked, though these passwords had been hashed, or encrypted to appear as a mixture of numbers, letters and symbols. Though hashing passwords is a common method to secure this information, it´s not the most secure of methods, and these passwords can easily be cracked with modern and readily available technology.
While Hima claims to have obtained quite a bit of personal information from thousands of Adobe clients and employees, the New York Times notes that some of this information may be old. For instance, they found the record of a man who is listed as a product manager for Adobe. After performing a quick LinkedIn search, they discovered the same man left Adobe to work for Google in 2010.
Hima has also claimed he has only released email addresses @ Adobe.com, *.gov or *.mil.
Though Adobe is acting quickly to restore their services, this may not be the last time we hear from Hima. The hacker is already promising a “hot leak” of Yahoo´s data in the near future, noting that companies should be more like Google when it comes to their security protocols.