If you ever questioned the need for identity theft protection read on. Following a major hack at software vendor Adobe, one of the first things the company did is to offer free credit protection for customers who had their details stolen.
Three million customer records hacked from Adobe
You’ve probably heard of Adobe. It produces a range of ‘creative’ software tools that people use for design. It’s also used to read PDF files. Last week Adobe declared that its network had been hacked and almost 3 million customer records removed from its servers.
This information hacked included customer names, encrypted credit and debit card numbers, expiration dates and other information used in customer orders. The company said it did not believe that unencrypted customer data had been hacked.
However, without wishing to cast aspersions and as a general point if unencrypted data had been hacked there would surely be waves of panic sweeping through the company and among its customers.
Free credit card monitoring to prevent identity theft
In response to the attack the company is contacting its customers whose data has been compromised with information on how to change their passwords. It’s also notifying customer’s whose card payment details were taken. And in a muted but significant gesture, the company is offering customers one year of free credit monitoring.
Essentially, this is an acknowledgement that some of the stolen credit card information might end up being used or put up for sale on the deep web. The deep web is a part of the internet you can’t access using a normal browser. It offers anonymity and is used for all sorts of things such as NGO organisations operating in ‘hostile’ environments who don’t want their communications tracked.
However, it’s also popular with hackers and there are certainly many deep web sites that offer credit card details for sale. Many vie with each for competition and attempt to entice users by promising ‘fresh’ batches of card information. This usually means personal details that have just been hacked from servers. Sometimes the server owner’s don’t even know it’s happened.
As is often the case when these large scale hackings occur Adobe didn’t want to publicise the fact. The hack was discovered by a security researcher who was exploring the content of a server that is believed to have been used by cyber criminals to store data from other hacks. Adobe data was then discovered.
Can hackers embed malicious code into Adobe software?
When Adobe was informed it said it was aware of the breach and had been investigating it since September 17th this year. As well as losing personal data, there is another potentially very damaging consequence.
The Adobe data discovered on the server was source code for which is essentially the building blocks for software. And apparently some of the source code was for products that have not yet been released.
Commenting on this, one industry observer pointed out that because Adobe is used on millions of computers around the world hackers could potentially embed malicious code into Adobe software and quietly take control of all the computers running that software, which could easily number in the millions.
While this is speculative it’s certainly possible. It also illustrates the scale of fraud that can be carried out by cyber criminals. The internet has radically altered the way we live today presenting all sorts of new opportunities, but it’s also opened up a world of potential for criminals to carry out villainy on an industrial scale.
It also illustrates the need to protect your information with something like BullGuard Identity Protection which essentially monitors the web for your personal information and immediately warns you if your data has been compromised.
You may not be a user of Adobe software but hackers target organisations where they can get the best returns whether it’s a clothes retailer, an online book store or a software vendor.
50% off sale on the deep web
There’s one web site on the deep web that currently offers 50% off products that are being sold on Amazon, whether it’s an Apple Air Book, a smartphone or some high-end camera. How do they do this? Most likely by making the purchases using credit card details hacked from a server or bought on the deep web.