Adobe Systems, which makes software such as Photoshop, Reader and Creative Cloud, on Friday said its security team has discovered “sophisticated attacks” on its network, exposing financial information of its 2.9 million customers.
“Adobe's security team discovered suspicious activity during regular security monitoring. Our investigation to date indicates that the cyber attackers removed certain customer information between September 11 and September 17, 2013,” an Adobe spokesperson said in an emailed response to The Hindu.
The US-based company said investigations indicate that the attackers accessed Adobe customer IDs and encrypted passwords on their systems.
“We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers. This includes customer names, encrypted credit or debit card numbers, expiration dates and other information relating to customer orders," the spokesperson added.
Adobe said at this time, it does not believe the attackers removed decrypted credit or debit card numbers from their systems. However, the spokesperson added, “Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident.”
The company said it is working internally as well as with external partners and law enforcement, to address the incident.
The company said it is notifying customers whose credit or debit card information it believes to be involved in the incident and is resetting relevant customer passwords to prevent unauthorized access to Adobe ID accounts. It has also notified the banks processing customer payments for Adobe.