The personal information of 2.9 million Adobe customers has been taken in a “sophisticated attack” on the company’s network.
Brad Arkin, Adobe’s Chief Security Officer, revealed the breach in an announcement on the company’s website.
“Cyber attacks are one of the unfortunate realities of doing business today,” said Arkin in the statement.
“Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products."
“We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders.”
Despite the theft, Arkin stated that, as of yet, easily accessible payment details had not been found to be taken: “At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.”
“We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident,” he added.
Despite fears of some commentators that the stolen product code could be used to create even more malicious programs and exploits, Arkin said that the code taken was not known to be able to be used in that way.
“Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident,” he explained.