ID theftIf you ever questioned the need for identity theft protection read on.  Following a major hack at software vendor Adobe, one of the first things the company did is to offer free credit protection for customers who had their details stolen.

 

 

Three million customer records hacked from Adobe

You’ve probably heard of Adobe. It produces a range of ‘creative’ software tools that people use for design. It’s also used to read PDF files.  Last week Adobe declared that its network had been hacked and almost 3 million customer records removed from its servers.

This information hacked included customer names, encrypted credit and debit card numbers, expiration dates and other information used in customer orders. The company said it did not believe that unencrypted customer data had been hacked.

However, without wishing to cast aspersions and as a general point if unencrypted data had been hacked there would surely be waves of panic sweeping through the company and among its customers.

Free credit card monitoring to prevent identity theft

In response to the attack the company is contacting its customers whose data has been compromised with information on how to change their passwords.  It’s also notifying customer’s whose card payment details were taken.  And in a muted but significant gesture, the company is offering customers one year of free credit monitoring.

Essentially, this is an acknowledgement that some of the stolen credit card information might end up being used or put up for sale on the deep web. The deep web is a part of the internet you can’t access using a normal browser. It offers anonymity and is used for all sorts of things such as NGO organisations operating in ‘hostile’ environments who don’t want their communications tracked.

However, it’s also popular with hackers and there are certainly many deep web sites that offer credit card details for sale. Many vie with each for competition and attempt to entice users by promising ‘fresh’ batches of card information. This usually means personal details that have just been hacked from servers. Sometimes the server owner’s don’t even know it’s happened.

As is often the case when these large scale hackings occur Adobe didn’t want to publicise the fact. The hack was discovered by a security researcher who was exploring the content of a server that is believed to have been used by cyber criminals to store data from other hacks. Adobe data was then discovered.

Can hackers embed malicious code into Adobe software?

When Adobe was informed it said it was aware of the breach and had been investigating it since September 17th this year.  As well as losing personal data, there is another potentially very damaging consequence.

The Adobe data discovered on the server was source code for which is essentially the building blocks for software.  And apparently some of the source code was for products that have not yet been released.

Commenting on this, one industry observer pointed out that because Adobe is used on millions of computers around the world hackers could potentially embed malicious code into Adobe software and quietly take control of all the computers running that software, which could easily number in the millions.

While this is speculative it’s certainly possible. It also illustrates the scale of fraud that can be carried out by cyber criminals. The internet has radically altered the way we live today presenting all sorts of new opportunities, but it’s also opened up a world of potential for criminals to carry out villainy on an industrial scale.

It also illustrates the need to protect your information with something like BullGuard Identity Protection which essentially monitors the web for your personal information and immediately warns you if your data has been compromised.

You may not be a user of Adobe software but hackers target organisations where they can get the best returns whether it’s a clothes retailer, an online book store or a software vendor.

50% off  sale on the deep web

There’s one web site on the deep web that currently offers 50% off products that are being sold on Amazon, whether it’s an Apple Air Book, a smartphone or some high-end camera. How do they do this? Most likely by making the purchases using credit card details hacked from a server or bought on the deep web.

 

avatarWritten by Steve Bell (75 Posts)

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.


Leave a Reply

Your email address will not be published.


*