Adobe confirms breach of Connectusers.com forum database, shuts down website
Adobe is in the process of resetting the passwords of all Connectusers.com forum users
IDG News Service - Adobe has shut down Connectusers.com, a community forum site for users of its Adobe Connect Web conferencing platform, because the site's user database was compromised.
On Tuesday, a hacker named "ViruS_HimA" claimed that he hacked into "one of Adobe's servers" and copied a database containing email addresses, password hashes and other information of over 150,000 Adobe customers, partners and employees.
To support his claim, the hacker published a limited set of records for users with email addresses ending in adobe.com, .mil and .gov.
"As soon as we became aware of the hacker's post, we launched our investigation, which (based on the information leaked by the hacker) led us to determine that the hacker appears to have compromised the Connectusers.com forum site," said Wiebke Lips, Adobe's senior manager of corporate communications, Wednesday via email.
The hacker leaked 644 records, but he claimed to have accessed the entire forum database, Lips said. "The forum has a total of about 150,000 registered users."
"We are in the process of resetting the passwords of impacted Connectusers.com forum members and will reach out to those members with instructions on how to set up new passwords once the forum services are restored," Lips said.
The forum site was taken offline Tuesday evening, said Guillaume Privat, director of Adobe Connect, Wednesday in a blog post. "It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted," he said.
Privat recommended that users should follow password best practices and use different log-in credentials across different services. However, as other data leaks have shown in the past, a lot of users don't do this, which could allow hackers to break into their accounts on many other websites.
Based on an analysis of the leaked data, the password hashes -- encrypted versions of the passwords -- stored in the compromised Adobe database had been generated with MD5, a cryptographic hash function that's known to be insecure, said Tal Beery, a security researcher at security firm Imperva, via email. This means that they can easily be cracked to recover the original passwords, he said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts