Why The Adobe Breach Was Bad For Everyone

Last week, hackers broke into Adobe’s servers and stole a number of things, most notably:

  • Millions of encrypted user accounts with email, passwords and credit card numbers, and
  • Source code for Adobe’s high end products such as Acrobat and ColdFusion.

At a consumer level, you are affected by this in a couple of ways, both bad. As always, be very careful about where you obtain your software! Purchase Adobe products only from reputable sources, such as Adobe.com and Amazon.com. Cracked products usually contain malicious code that your antivirus software probably won’t detect. We also need to be concerned about Adobe products in general, until Adobe can verify that the products on their site are legitimately their code. The fact that hackers could get into the site means they had the ability to change the code for legitimate downloads from Adobe’s own site.

As for the encrypted passwords, a breach like this is a hacker’s dream — they can spend weeks or months practicing breaking the encryption. Once they do, even if you have changed your password, hackers now have a better understanding of not only how to crack passwords, but also what passwords people choose.

Again, all around bad news with the following takeaways:

  • Be vigilant about where you purchase your software, and update your Adobe products regularly!
  • Use long, strong passwords. I recommend using a password manager (Firefox’s built-in, LastPass or Roboform) and a password generator like http://www.correcthorsebatterystaple.net to generate strong passwords.