Jump to content

The LoversLab Times

AwfulArchdemon

By AwfulArchdemon,
in General Discussion

Recommended Posts

AwfulArchdemon

AwfulArchdemon

Posted
Posted

The LoversLab Times

 

----------------------------------------------------------------------------------------------------

 

 

 

 

You may receive a letter in the mail stating that a third party has illegally obtained personal information from it's customers. The statement will say the following:

 

 
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Dear [Loverslab member]:
 
On behalf of Adobe Systems, I am writing to inform you about an incident that involved information about you. We recently discovered that, between September 11 and September 17, an unauthorized third party illegally accessed certain customer order information. We take the security of personal information very seriously and deeply regret that this incident occurred.
 
We began investigating the incident as soon as we learned of it. Although our investigation is ongoing, we believe that the third party likely removed from our systems certain customer names, payment card expiration dates, encrypted payment card numbers, and other information relating to customer orders. In addition, the third party used our systems to decrypt some card numbers. We have not been able to confirm that any decrypted card numbers were removed as a result of this access to our systems. We have contacted federal law enforcement and the banks processing payments for Adobe, and are assisting in their investigation of this incident.
 
We recommend that you closely review the information provided in this letter for some steps you can take to help protect yourself against the potential misuse of of your personal information. As a precaution, we have arranged for you (at your option) to enroll in a complimentary one-year credit monitoring membership. We have engaged Experian to provide you with it's ProtectMyID Alert membership, which provides daily credit monitoring of the Experian credit Bureau, fraud resolution assistance, and identity theft insurance. You have until February 28, 2014 to activate this complimentary credit monitoring membership by using the following activation code: ADB******. This code is unique for your use and may not be shared. To enroll, please visit http://www.protectmyid.com/adobe or call (866) 578 5413.
 
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
 
Adobe's Chief Security Officer, Brad Arkin, signs the back of the letter.
 
Adobe
PO Box 483
Chanhassen, MN 55317
 
 
Be careful. Adobe has apparently been stolen from. Your personal information may or may not have been stolen. I am investigating this further, and will divulge more information as it becomes available to me.
 
Thank you.
AwfulArchdemon
Link to comment

AwfulArchdemon

AwfulArchdemon

Posted
  • Author
Posted
Adobe
 
Customer security alert

 

What happened?

Adobe's security team recently discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related. We are working diligently internally, as well as with external partners and law enforcement, to address the incident. 

Read the FAQ

What do I need to do?
  • If your Adobe ID and password were involved: Adobe has already reset your password. You will receive an email notification from Adobe with information on how to change your password. We are only notifying customers whose user ID and password were involved, and that process is already underway.
  • Changing your password: If you have not yet received a notification but would like to change your password on any Adobe service, you may do so at any time. Change your Adobe ID password.
  • Passwords and IDs for specific Adobe services: Adobe ID is a separate system from the user ID and logins associated with EchoSign, Behance, TypeKit, Marketing Cloud, and Connect Pro. If you use the same password for your Adobe ID and any of these services, please change your passwords for these other services as well.
  • Other websites: As a precaution, we also strongly recommend that you change your password on any website where you may have used the same user ID and password as your Adobe ID and password.
  • Protect yourself against non-legitimate email “phishing” attempts: If you received an email requesting you to change your password, and you’re concerned whether it is legitimate, don't click any links in the email. Instead, type www.adobe.com/go/passwordreset into your browser to be sure. How to recognize phishing attempts.

 

 

U.S. and Canada

1-866-412-8699

View all phone numbers

Frequently Asked Questions
What information exactly did the attacker gain access to?

Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.

We are also investigating the illegal access to source code of numerous Adobe products. Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident.

How did Adobe discover this incident?

Adobe's security team discovered suspicious activity during regular security monitoring

How did this happen?

Our investigation is still ongoing. Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers.

What is Adobe doing in response?

As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. Customers whose user ID and password were involved will receive an email notification from Adobe with information on how to change their password. We also recommend that customers change their passwords on any website where they may have used the same user ID and password.

We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. Customers whose credit or debit card information was involved will receive a notification letter from us with additional information on steps they can take to help protect themselves against potential misuse of personal information about them. We have also notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers' accounts.

U.S. only: Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership.

We continue to work diligently internally, as well as with external partners, to address the incident. We have contacted federal law enforcement and are assisting in their investigation.

What is the geographic scope of the customer information involved in the incident?

Adobe customers worldwide provide us with account information, so we are taking the precaution of resetting relevant customer passwords and notifying any customers who have provided us with their credit or debit card information.

Is Adobe working with law enforcement on its investigation?

Yes.

How do customers know the information they share with Adobe is secure moving forward?

We value the trust of our customers. We will work aggressively to prevent these types of events from occurring in the future. We are working diligently internally, as well as with external partners and law enforcement, to address the incident. 

How will customers know if their information was accessed?

As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. Customers whose user ID and password were involved will receive an email notification from Adobe with information on how to change their password. We also recommend that customers change their passwords on any website where they may have used the same user ID and password.

We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. Customers whose credit or debit card information was involved will receive a notification letter from us with additional information on steps they can take to help protect themselves against potential misuse of personal information about them.

Is Adobe software itself vulnerable as a result of this incident?

We are not aware of any zero-day exploits targeting Adobe products. However, we recommend customers run only supported versions of the software, apply all available security updates, and follow the advice in relevant security hardening guides. These steps are intended to help mitigate attacks targeting older, unpatched, or improperly configured deployments of Adobe products.

Should customers cancel their credit cards?

Adobe has notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers' accounts.

We are also in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. Customers whose credit or debit card information was involved will receive a notification letter from us with additional information on steps they can take to help protect themselves against potential misuse of personal information about them.

U.S. only: Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership.

We also recommend that customers monitor their account for incidents of fraud and identity theft, including regularly reviewing your account statements and monitoring free credit reports. If customers discover any suspicious or unusual activity on their account or suspect identity theft or fraud, they should report it immediately to their financial institution.

U.S. only: In addition, customers may contact the Federal Trade Commission (FTC) or law enforcement to report incidents of identity theft or to learn about steps they can take to protect themselves from identity theft. To learn more, customers can go to the FTC’s website, at www.consumer.gov/idtheft, call the FTC at (877) IDTHEFT (438-4338), or write to Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580.

Should customers change their passwords on all of their online accounts?

Adobe recommends that customers change their passwords on any website where they may have used the same user ID and password.

Should customers stop using Adobe products?

No. Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident. However, we recommend customers run only supported versions of the software, apply all available security updates, and follow the advice in relevant security hardening guides. These steps are intended to help mitigate attacks targeting older, unpatched, or improperly configured deployments of Adobe products.

We value the trust of our customers, and are working diligently internally, as well as with external partners and law enforcement, to address the incident.

What security advice can you provide to Adobe customers?

Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident. However, we recommend customers run only supported versions of the software, apply all available security updates, and follow the advice in relevant security hardening guides. These steps are intended to help mitigate attacks targeting older, unpatched, or improperly configured deployments of Adobe products.

We value the trust of our customers, and are working diligently internally, as well as with external partners and law enforcement, to address the incident.

What security measures does Adobe have in place to protect its customer information?

Security and in particular the security of customer information are very important to us. We are working diligently internally, as well as with external partners and law enforcement, to address the incident. We value the trust of our customers and will work aggressively to prevent these types of events from occurring in the future.

Adobe seems to have a lot of security issues. Why is that?

 

---------------------------------------------------------------------------------------------------------------------

 

Here's the link to the Adobe page I posted: http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html?promoid=KHQGF

 

Link to comment
aesliip

aesliip

Posted
Posted

Looks like a nicely polished phishing gig to me.

Same concept, just much better grammar and spelling. Pretty slick.

 

EDIT: I did a WHOIS lookup of the domain . It was tied to Consumerinfo.com. Googling this website highlights it's usage on various malicious websites, such as those offering free credit reports. You can very likely just assume this is a phishing attempt.

Link to comment
AwfulArchdemon

AwfulArchdemon

Posted
  • Author
Posted

I got one of those, but I didn't read it.  I just assumed it was bullshit.

It's not.

 

I just had a live chat session with Adobe. They told me it's all true, but they had a 'funny' way of repeatedly telling me "they don't believe anyone got their customers' personal information". "No guarantees" is what I picked up from our conversation. I uninstalled Photoshop.

Link to comment
AwfulArchdemon

AwfulArchdemon

Posted
  • Author
Posted

Well it is not a Scam or Phishing attempt.

this is from scamicide. reporting on scams, identity theft and other internet security breaches.

from Oct. 5th 2013

 

Adobe makes software used by millions of consumers.  Recently Adobe announced that it had been hacked and personal information belonging to 2.9 million of its customers was stolen.  The stolen information included names, encrypted credit card numbers, and expiration dates as well as information pertaining to individual orders.  In response, Adobe is resetting passwords for affected customers.  If your user ID and password were compromised by the hacking, you will be receiving an email from Adobe with information about changing your password.  It is important if you use the same password on other websites, as many people do, that you also change your passwords there as well.  It is a good idea to have a different password at each website you go to.  Adobe is also offering customers whose credit or debit card information was stolen a free credit monitoring service for one year.

TIPS

If, as many people, you use Adobe products, you should be on high alert to the possibility of identity theft.  Keep close tabs on all of your accounts particularly those debit cards or credit cards that you may have used at Adobe.

 

btw, you didn't have to uninstall photoshop, all that would of needed to be done is edit your hosts file to set photoshop to a 127.0.0.1 loopback temporarily disabling updates until they clean the fan.

See that's just it...I paid my cc bill so I could get Photoshop back up and running, but every time I ran Photoshop, it would tell me I had to renew my subscription, which was different from normal. Before, I would run PS, and it would fire right up, as long as there was room on my cc.

 

Lately, the message is all I got, but then that letter came to me in the mail, so I put 2&2 together, and did a bunch of research, and sure enough, it's a real threat. That's why I got rid of PS. It's the only thing I've paid for from Adobe using my cc, and I'm thinking every time I tried to fire PS up, it would do something else with my payment info, instead of letting my PS know my payment was made.

Link to comment
mojodajojo

mojodajojo

Posted
Posted

 

Well it is not a Scam or Phishing attempt.

this is from scamicide. reporting on scams, identity theft and other internet security breaches.

from Oct. 5th 2013

 

Adobe makes software used by millions of consumers.  Recently Adobe announced that it had been hacked and personal information belonging to 2.9 million of its customers was stolen.  The stolen information included names, encrypted credit card numbers, and expiration dates as well as information pertaining to individual orders.  In response, Adobe is resetting passwords for affected customers.  If your user ID and password were compromised by the hacking, you will be receiving an email from Adobe with information about changing your password.  It is important if you use the same password on other websites, as many people do, that you also change your passwords there as well.  It is a good idea to have a different password at each website you go to.  Adobe is also offering customers whose credit or debit card information was stolen a free credit monitoring service for one year.

TIPS

If, as many people, you use Adobe products, you should be on high alert to the possibility of identity theft.  Keep close tabs on all of your accounts particularly those debit cards or credit cards that you may have used at Adobe.

 

btw, you didn't have to uninstall photoshop, all that would of needed to be done is edit your hosts file to set photoshop to a 127.0.0.1 loopback temporarily disabling updates until they clean the fan.

See that's just it...I paid my cc bill so I could get Photoshop back up and running, but every time I ran Photoshop, it would tell me I had to renew my subscription, which was different from normal. Before, I would run PS, and it would fire right up, as long as there was room on my cc.

 

Lately, the message is all I got, but then that letter came to me in the mail, so I put 2&2 together, and did a bunch of research, and sure enough, it's a real threat. That's why I got rid of PS. It's the only thing I've paid for from Adobe using my cc, and I'm thinking every time I tried to fire PS up, it would do something else with my payment info, instead of letting my PS know my payment was made.

 

 

This makes me glad I've never paid them for anything.

 

Link to comment
...0...

...0...

Posted
Posted

Ive zero personal date on my pc and i dont do financial transactions on internet. They hack me what they want ive nothing of value or to hide for that matter.

PHISHING is common so ignore put on block problem solved.

 

As one of poster said early most of these emails are bullshit, i put them on block and ignore.

 

I register on game sites maybe thats of interest to them only thing they can pish from me:P

 

Got many different email and as many different complicated passwords most used only on game sites and some PC OC sites thats all.

 

No social networkes facebook-twitter-google  or any other im a blind spot on tha internet unknown species:P

 

Hope you guys are ok and not harmed by these crooks.

Link to comment
Guest carywinton

Guest carywinton

Posted
Posted

Thanks for the update, I see it as just another scam. When I receive things like this and believe me I do, I filter through thousands of emails a day running my own servers, I verify the source by merely going directly to the associated vendor's web site. If all is fine there, then obviously it's just a scam and it goes on the "Black List". Done deal.

 

The official Adobe recommendations are described here regarding this.

http://helpx.adobe.com/x-productkb/policy-pricing/customer-alert.html?promoid=KHQGF

Link to comment
RitualClarity

RitualClarity

Posted
Posted

I like the "illegal access to source code" part of the "faq". With that if, or more likely when these individuals look over the code they will find many, many possible exploits in the code that they can use to gain access to computers. It is possible.

 

It is the nature of today's world that computers and companies will be hacked. I have seperate passwords for the various accounts and rarely use cc on anything other than reliable companies. I look at the bill through the web site every time I get paid to verify and pay the bill. This helps me notice any unusual activity so that I can contact them. I also have to check the ballance of by bank at the same time... Also another protection. It takes about 15 minutes to make sure 90% of any issues that can happen will be caught before they become an issue in RL.

 

In the past some a hole did get access to the CC and was testing the system with a dollar a day for 5 days then tried for 1$ an hour. The stupid credit card company didn't realize that it was happening. However because I paid my bill earlier before they were due.. (basically using cc for cash I have in the bank already) I caught them before they caused massive damage. The only place I could of had that got access was a book store for school bought on line. The cc company was quite interested in the fact that I had used that card there and nowhere else for well over 2 years. I had a secure connection and my other credit cards weren't affected around that time. (they waited for about 2 months to see if others would be affected. The other cc company was notified to look for unusual activities. ) Finally when they finished and removed the charges.. which by the way was still occurring however not affecting the total credit limit. They removed the charges when they came in and called me about various purchases I made during that same time to see if I was the one doing so. I asked the question. So the company that the SCHOOL used to host the books for this program (not part of the school) was hacked, correct. I got a very curt response. Thank you for your cooperation. All reported charges, associated charges and any fees or fines have been removed. Have a nice day... Good by. No answer regardless of my continuing asking. They just hung up. I dialed back and got customer service. Talked to someone in Customer service and ask them.. They stated that they couldn't respond to any investigations. I stated I couldn't continue with their services. Cancel my card and send me a final payment. Thank you. When they tried to talk.. I hung up. I got the final bill (correct) in two weeks.

 

After that I watched the cards when I used them. I check all charges from banks and cards when I get paid. Don't deal with any risky companies. And likely in the future when needing to purchace anything out of the normal seek out a gift card or an alternate CC number for that purchase. I haven't checked that out. Someone told me that you can call the credit card company and the can give a temp number for purchasing.

Link to comment
RitualClarity

RitualClarity

Posted
Posted

Those Fools send me one too, i don't even own any adobe crap :D

 

I was like,,, I don't own anything.. then I remember that I had used a trial version of some software to do a quick task. That was why I got one. No purchase. I don't care about the passwords being compromised I changed them every 3 months or less anyway.

 

Link to comment
  • 1 month later...
AwfulArchdemon

AwfulArchdemon

Posted
  • Author
Posted

The LoversLab Times

 

----------------------------------------------------------------------------------------------------------------------

 

 

 

 

Formerly known as 'Attention Adobe Users!', I have decided to make this thread the (un)Official LoversLab News thread.

 

I've discovered yet more disturbing news. Every time I do, I'll post it here.

 

 

 

Everything posted here will rightfully be computer related.

 

 

 

The newest news:

 

Facebook, Gmail, and Twitter, and possibly others, have been hacked. Here is the news report from wpxi.com:

 

 

Many passwords are believed to have been stolen. If the Adobe scare wasn't enough to get people to change their passwords on a regular basis, create hard to guess passwords, and use complicated passwords, this should open a few eyes.

 

 

Officials said Facebook suffered the biggest hack – 318,000 accounts were compromised. An estimated 70,000 Gmail and Google Plus accounts were hacked and 60,000 Yahoo accounts were compromised.

A majority of the compromised users were in the Netherlands, followed by Thailand, Germany, Singapore and the United States.

 

More disturbing news of account hacking. This is getting ridiculous.

 

 

Be careful, everyone. It seems to be a popular trend to hack people's accounts lately, so be smart about your personal information. Now is a good time to change all of your log-on information. I'd invest in a password protection tool, if I were you.

 

I use Kaspersky Password Manager.post-111270-0-74803700-1482637634_thumb.png

 

 

This reporter will have more news for you in the days to come. We here at The LoversLab Times are always on the scene, to give the newest, late-breaking news, regarding the safety of your computer.

 

 

If anyone has news regarding a computer related incident, you are invited to post it here, on The LoversLab Times. The people need to know!

 

 

This is AwfulArchdemon, reporting LIVE, from LoversLab.

Link to comment

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

View Community Rules

Help Support LoversLab

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. For more information, see our Privacy Policy & Terms of Use