BU Today

Science & Tech

Change Your Adobe Password

Cyber-attack on company leaves BU customers potentially vulnerable

+

Members of the BU community who have created an account with Adobe to download or register any of the company’s software products should change their Adobe password in the wake of hackers breaching Adobe’s database.

It’s also advisable to change your BU Kerberos password, which can be done here. Instructions and links for doing these things are here. Even more important, if you’ve used the same password on any other secure accounts, you should get a new password for those as well, says Quinn Shamblin, the University’s executive director of information security.

“The problem is people use their password in many places,” he says. “When the bad guys crack the password, they’re immediately going to try to use that user ID and password everywhere they can think of,” including banks and retailer sites like Amazon and eBay. Shamblin suggests using a password management system to guard each password; find information on choosing a system here.

Shamblin says 9,000 accounts in Adobe’s hacked 153 million-plus database had BU email addresses, so “this event has the potential to impact a lot of BU people.”

“Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems,” the company said in its announcement about the attack in a blog post dated October 3. “We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.”

“We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident.”

The company said it was emailing customers information on how to change their password and would also notify customers whose credit or debit card information may have been compromised of steps on precautions against illegal use of that information. The company said that, where available, it would offer customers a one-year credit monitoring membership. Adobe notified banks processing its customers’ payments so that they could assist in protecting customers’ accounts.

+ Comments
Rich Barlow

Rich Barlow can be reached at barlowr@bu.edu.

Post Your Comment

(never shown)