Hackers are quite the relentless ones, aren’t they? In a new effort, Adobe’s Connect online conferencing service has been compromised in a breach, forcing the company to reset approximately 150,000 user passwords of site members who use Connectusers.com. The company’s software is frequently targeted by hackers, as it is widely used to publish digital documents, a statement released today explains. Regardless, can’t hackers give it a rest already?
The good news is that Adobe assures its Connect Web conferencing service and other company sites were not infiltrated. The software maker was brought to light on this concern yesterday, when a hacker apparently claimed in an online posting to have stolen log-in credentials of the 150,000 Adobe customers and partners.
The cyber criminal– who claims to be from Egypt – released 644 records from the site including e-mails, defending the move as a way to highlight how slow Adobe works to fix its security problems. The question is: Is an invasive and dangerous breach really necessary to point out something that the company was most likely already in the works towards fixing? Clearly the team was aware of this problem, especially after witnessing the string of attacks encountered over the recent past.
On Adobe’s official blog, the company said the following:
Adobe is currently investigating reports of a compromise of aConnectusers.com forum database. These reports first started circulating late during the day on Tuesday, November 13, 2012. At this point of our investigation, it appears that the Connectusers.com forum site was compromised by an unauthorized third party. It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted.
The site then listed the precautionary steps it’s taking to protect its users, including taking the site offline Tuesday night as well as resetting the passwords of impacted Connectusers.com forum members who it says it will reach out to with instructions on how to set up their new passwords when ready.
As if the situation couldn’t get any worse, the hacker also promised to release data stolen from Yahoo. Whether this will be followed up on is yet to be seen. Moreover, the Adobe breach was also discovered only one week after Russian security firm Group-IB claimed it had uncovered a flaw in the company’s Reader software which proved criminals were planning to attack PCs by infecting them with malicious PDF documents.
Wiebke Lips, an Adobe spokeswoman, commented that Adobe is still reviewing the report and has not yet received samples of this accusation regarding the threatening code discovered by the security firm.
Edited by Jamie Epstein