A data breach forced Adobe to temporarily shut down one of its user forums earlier this week.
The Connectusers.com forum, where customers can discuss Adobe's Connect online conferencing service, was at the center of the attack, and is currently being investigated, according to Adobe.
The hacker, hailing from Egypt and hiding behind the alias ViruS_HimA, posted a file dump with more than 150,000 emails and passwords for Adobe employees, the U.S. Military, USAF, Google, and NASA.
"Adobe is a very big company but they don't really take care of them security issues," the hacker wrote in a message on Pastebin. "When someone report vulnerability to them, It take 5-7 days for the notification that they've received your report!! It even takes 3-4 months to patch the vulnerabilities!"
In a Wednesday blog post, Adobe Connect director Guillaume Privat confirmed that the site had been compromised "by an unauthorized third party," though no other Adobe services, including the actual Adobe Connect, were impacted.
Adobe customers were only a part of the hacker's larger leak, which included a screenshot of emails ending with adobe.com, .mil, and .gov, with the promise that the Egyptian hacker is "not looking to ruin Adobe['s] business."
Adobe took the Connectusers forum offline Tuesday evening, and is "working diligently to restore forum services as soon as possible," Privat said. Additionally, the company is in the process of resetting the passwords of those impacted by the hack, and will release instructions on how to set up new passwords once the forum is restored.
Adobe apologized for "the inconvenience this may cause to our forum members."
"Your security is of critical importance to us, and we appreciate your patience as we work towards restoring Connectusers.com forum services," Privat said.
ViruS_HimA may not be finished, though. The hacker warned that a Yahoo leak will be coming soon. "It gonna be very hot leak," the Pastebin document said.
Also this week, NASA revealed that a laptop with sensitive employee information was stolen from a worker's car. The agency is now moving to encrypt all employee machines.
View the Original article
No comments:
Post a Comment