Camera Craniums

Software, Editing and Printing => Adobe Photoshop => Topic started by: 2Beers on October 04, 2013, 04:02:00 PM

Title: Adobe Web Site Hacked
Post by: 2Beers on October 04, 2013, 04:02:00 PM
It would appear that the Adobe web site has been hacked and they have been sending out emails to customers advising them to change their passwords

http://www.dpreview.com/news/2013/10/03/adobe-accounts-hacked-data-exposed-for-2-9-million-customers?utm_campaign=internal-link&utm_source=news-list&utm_medium=text&ref=title_0_2

I would also watch your credit cards
Title: Re: Adobe Web Site Hacked
Post by: donoreo on October 04, 2013, 06:05:48 PM
I had an email overnight from Adobe telling me to change my password.  I did it this morning. 
Title: Re: Adobe Web Site Hacked
Post by: Hinfrance on October 04, 2013, 08:14:35 PM
I checked the email validity before I changed my password. Anyone who tries to use my credit card to have fun is in for a surprise ;)
Title: Re: Adobe Web Site Hacked
Post by: jinky on October 05, 2013, 10:50:32 AM
Well I changed mine but I never leave credit card details with any site.
Title: Re: Adobe Web Site Hacked
Post by: Oldboy on October 05, 2013, 06:44:48 PM
Well I changed mine but I never leave credit card details with any site.

If you've used a credit card to buy anything from Adobe then they have your details. In the USA they don't have chip and pin cards so it's easier to produce a blank card with your details and use it to buy things.  :o
Title: Re: Adobe Web Site Hacked
Post by: donoreo on October 06, 2013, 08:26:57 AM
Well I changed mine but I never leave credit card details with any site.

If you've used a credit card to buy anything from Adobe then they have your details. In the USA they don't have chip and pin cards so it's easier to produce a blank card with your details and use it to buy things.  :o
They are so far behind on that!  We have had only chip and pin cards issued here for several years now. 
Title: Re: Adobe Web Site Hacked
Post by: Alfonso_Frisk on October 21, 2013, 07:40:05 PM
Ive just got an email from them about this hack.
They say as a precaution they have changed my password for me and I must log in to select a new password of my own.
However, they have NOT  told me the password they have given me.
I am now very suspicious indeed and reluctant to visit the site
Title: Re: Adobe Web Site Hacked
Post by: Reinardina on October 21, 2013, 07:52:22 PM
Ive just got an email from them about this hack.
They say as a precaution they have changed my password for me and I must log in to select a new password of my own.
However, they have told me the password they have given me.
I am now very suspicious indeed and reluctant to visit the site

Think I can smell a rat too.

For starters, it seems a bit late, as other people had an email straight away, and not weeks later.

I think someone is using the known hack, to 'raise money' for his own purpose.

But is there any danger in (trying) to get to the Adobe site? Not using any links provided in the email of course. Just type the web address in yourself.

Have you googled it, to see if there is anything known about this possible scam?
Title: Re: Adobe Web Site Hacked
Post by: Alfonso_Frisk on October 21, 2013, 08:00:46 PM
Update
Hmmm, another twist
I have 6 email accounts with my provider
I purchased LR4 in January using email account 5
I provided them an alternative address as requested by them using email 1.
This latest email message has arrived in email box No.6.
They should not have this address so I deffo small a rat now.
Bit more digging me thinks
Title: Re: Adobe Web Site Hacked
Post by: jinky on October 22, 2013, 06:37:45 AM
I think it`s OK. That`s the way they informed me too. I was suspicious so went to the adobe UK site and tried to log in  and got similar messages so was able to change my passowd. All happened as expected. I`ve seen a few companies give you a page link to just fill out a new password - thus already applying a new temporary password without actually saying it.
Title: Re: Adobe Web Site Hacked
Post by: Hinfrance on October 22, 2013, 08:39:39 AM
Alf, you can find out where the emails are really coming from by clicking 'view source'* or something similar in whatever email client you are using. A genuine email will almost certainly have come through a number of servers you don't recognise the names of, but there ought to be a recognisable Adobe server at the source in this case.

*in Thunderbird this is under the sub menu 'other actions'
Title: Re: Adobe Web Site Hacked
Post by: jinky on November 08, 2013, 04:50:41 PM
A friend posted this as a means of checking if your account was one of those hacked to encourage you to use their password software. According to them my Adobe account was hacked and is on a published list of accessed accounts but my Linked In account was not. Evidently 545 other people had their account protected with the same password as me and they named it for me without me supplying so it`s obviously on a list. Changed now and not used that one anywhere else that matters. You can check here if you want - I am assured it is safe but your risk.

https://lastpass.com/adobe/
Title: Re: Adobe Web Site Hacked
Post by: Hinfrance on November 08, 2013, 06:35:27 PM
You can trust Lastpass.

Mine's not on the hacked list, but I changed the password anyway.
Title: Re: Adobe Web Site Hacked
Post by: Alfonso_Frisk on November 08, 2013, 07:13:28 PM
Just run 6 of my email addresses through last pass.
Apparently I have 3 accounts with adobe. 2 of which I have no records of.
I did purchase LR4 in January so that accounts for one of them.
Title: Re: Adobe Web Site Hacked
Post by: Alfonso_Frisk on November 21, 2013, 01:23:00 PM
I have just received a mail though the post from Adobe telling me about the hack etc.
They are also advising that I do regular checks of my bank accounts for signs of fraud and to also monitor credit reports etc.
Hmmm. Ive emailed them back asking them if they will pay the £15pcm for my credit report at Experian to be reset up and running so I can monitor my security
Title: Re: Adobe Web Site Hacked
Post by: Andrew on November 21, 2013, 04:49:36 PM
I've just had my second letter of Adobe about this - it appears they have me down under an e-mail address i used several years ago, as well as the current one.

I think their real problem has been that they have been through 2 or 3 DB updates over the last few years and have made a hash of migrating data to the newer versions. I know this because i had to fight witht them to get my LR upgrade because they had no record of me ever having bought V2, and the same when i tried to upgrade my Photoshop to CS4.

I provided them with a whole raft of licence keys that they seemed to have never had details for, it was comical. I was even asked for my sales reciept for Ps v6 - some where back in 1999... When i asked if the person i was talking to had reciepts from software they'd bought and upgraded several times since 1999 i got a meek reply advising they hadn't.

As also said, another reason is they are based in America, which does not have the secure online system we do in the UK, and most of Europe. When in Vegas a few years ago, tried to pay for a meal by card and waitress to walk off with my card and swipte through the machine out the back and then get me to 'sign something'. Needless to say, she didn't wander off with my card, but i did have to concede they were still in the dark days and have to sign for things - and as in 2000, still using modems that shared the normal voice line and had to plgged in or unplugged according to what the line would be used for.

This brings me nicely on to Pentagon hacks - which is also the result of crap security. I'm always reminded of the introduction of Windows 2000 and the security that could not be set above 128 but encryption in the States (because the Pentagon etc couldn't manage encryption of that level) where as us in the UK were given an option to upgrade to 256 bit encryption, and that only because computers at the time struggled working with that level of encryption. I have no idea what level we're working with today, but it is mainly bolstered by 'multiple levels' of security.

Maybe this is why the NSA needs GCHQ to do the surveilence work - because America really is just not up to the job of offering proper security or decent surveilence systems...

Anyway, my e-mail address is apparently on that list of cracked e-mail addresses - so i suppose it just takes for me to trash the whole account and start again, because a change will still be as weak as the hack  :uglystupid2: