Nearly 7.5 Million Adobe Creative Cloud Users Exposed To Hackers (threatpost.com) 26
Nearly 7.5 million Adobe Creative Cloud users are left open to phishing campaigns after their records were left exposed to the internet. Threatpost reports: Adobe Creative Cloud, which has an estimated 15 million subscribers, is a monthly service that gives users access to a suite of popular Adobe products such as Photoshop, Lightroom, Illustrator, InDesign, Premiere Pro, Audition, After Effects and others. Comparitech partnered with security researcher Bob Diachenko to uncover the exposed database. The Elasticsearch database could be tapped without a password or any other authentication; offering an attacker access to email addresses, account information and which Adobe products that users purchased. The data did not include payment information or passwords. The user data "wasn't particularly sensitive," but it could be used to create convincing phishing emails aimed at Adobe users, according to Comparitech researcher Paul Bischoff, in Friday research shared with Threatpost. "The information exposed in this leak could be used against Adobe Creative Cloud users in targeted phishing emails and scams," Bischoff noted. "Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example."
Cancelled today (Score:2)
If I hadn't cancelled this morning for various other reasons (Fresco not being included in the Photographer tier, Photoshop for iPad apparently NOT being feature complete when it releases, an attempt earlier this year to raise prices, and solid, cheaper competition), this would have been the final straw.
Re: (Score:1)
Affinity Photo - goes for less than $100 bucks. I bought mine a couple of years ago and they have been pumping out updates (bought v1.5x in 2016 and they are at 1.7.3something now and no requests for additional payments) They have other tools too, but they do not do video editing.
For RAW converter I am using Capture One Pro, but there are other things out there that are relatively cheap and that run on multiple platforms (read OS's).
Re: Cancelled today (Score:1)
Re: (Score:1)
step 1: force orgs to hand over email addresses (Score:5, Interesting)
step 2: lay out all those forced hand-overs on the internet
what was step 3 again?
Adobe forced us to hand over thousands of our users' email addresses by forcing us to go from device licensing to cloud accounts this year, and here we though the worst that was going to happen as a result is they were going to use all those yummy emails to email-market-spam our users. But no, they found a way to make an abusive deal even worse. Leave it to Adobe.
Now we're going to have to try to deflect some more spear phishing. The email guy's gonna just love this.
From the company that brought you... (Score:2)
Flash, PDF, and Dmitry Sklyarov.
What did you expect?
Dmitry Sklyarov and Adobe Systems (Score:2)
Quoting:
"The original issue came to the attention of prosecutors when Adobe Systems, a U.S. company, complained that copy protection arrangements in its e-book file format were being illegally circumvented by ElcomSoft's product. Adobe withdrew its complaint, but United States Department of Justice prosecutors (under the authority of local U.S. Attorney Robert S. Mueller, future Director of the FBI) declined to likewise drop the charges."
And:
"On Decemb
Re: Dmitry Sklyarov and Adobe Systems (Score:2)
"under the authority of local U.S. Attorney Robert S. Mueller"
Robert Mueller, persecuting people on bogus charges since (at least) 2002.
PDF was a wonderful early Adobe contribution. (Score:3, Insightful)
It's necessary to have a file format for full documents that everyone can read.
Adobe has been RENTING software. (Score:2)
So, Adobe has been RENTING the software, rather than selling it.
One of our customers spent $2,000 to update to the last Adobe Creative Suite version that was not forced to be in the "cloud". The customer already had an earlier version, and the version that cost $2,000 didn't have all the latest updates.
Re: (Score:2)
Just wait. The first time their actual files end up somewhere, rather than just their personal info, Adobe is done. And given Adobe's history of security (Flash, for example), I can't imagine why anybody would trust Creative Cloud as far as they can throw an Adobe executive.
I'd love to go back to paying Adobe for Photoshop and Lightroom upgrades, but not like that. For now, I'm on CS6, and it looks like when I upgrade to Catalina, I'll start migrating to a competitor's offerings.
Re: (Score:2)
Amazingly abusive: The managers of businesses and most customers don't have much technical knowledge, so it is easy to abuse them.
So, Adobe has been RENTING the software, rather than selling it.
One of our customers spent $2,000 to update to the last Adobe Creative Suite version that was not forced to be in the "cloud". The customer already had an earlier version, and the version that cost $2,000 didn't have all the latest updates.
The industry is shifting to subscription. It has it's pro's and cons. These companies have to support and patch these products. It isn't free.
$2000 for buying outright sounds like it could be the full creative suite for ALL Adobe products for 3 people. OR it could be Acrobat DC for 60 employees.
The details are important. Because when you consider that you need to upgrade these products every few years, you realize that you need to weigh the balance between outright cost, subscription cost, and security. N
Re: Adobe has been RENTING software. (Score:1)
Re: (Score:2)
Adobe withdrew all the licenses for older versions of Creative Cloud and the Creative Suite no longer activates since they took down the activation servers.
The Cloud Bad (Score:3)
This is why the Cloud is always a BAD idea, and why I hate that every software now-a-days wants you to have an on line account to use the software. Stop forcing us to use the Cloud and you will stop having breaches!!!
Re: (Score:2)
I'm so glad I'm retired - no one can force me to use any software! My software resides on my drives, and runs on my computer. Ditto my data. The 'cloud' is an abomination, as far as I'm concerned.
Re: The Cloud Bad (Score:3, Interesting)
Re: (Score:2)
Good God, You and me both... I retired in 2010 from 20 years as a Windows/Linux sysadmin, and when I retired, my personal systems were Win7/Ubuntu dualboot. Soon after I retired I decided I was done with anything MS, and killed the Win7 partition. Now, after seeing what a steaming pile of excrement Windows 10 is, and how it blatantly abuses those who are either forced to use it, or don't know any better, I couldn't be happier with my decision... FUCK MICROSOFT (AND ADOBE) (geez that felt good..)
And yea people are starting to notice (Score:3)
âoeCloudsâ are not secure enough, and provide epic possibilities for mayhem.
Highly Likely ... (Score:2)
"The information exposed in this leak could be used against Adobe Creative Cloud users in targeted phishing emails and scams," Bischoff noted. "Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example."
These people subscribed to a "Cloud Service" so we know already that they are not exactly the sharpest tools in the shed, so it is quite likely that if someone claiming to be from Adobe asked them for something they would hand it over with
That desktop computer (Score:2)
Re: (Score:2)
Another case for Libre software. (Score:2)