New York Based IT Firm Weighs in on Adobe Security Breach, Says Customers' Credit Cards Have Been Decrypted
New York, NY (PRWEB) October 18, 2013 -- As reported by the New York Times on October 3, 2013 (“Adobe Announces Security Breach”, http://www.nytimes.com/2013/10/04/technology/adobe-announces-security-breach.html?_r=0) Software giant Adobe announced that nearly 3 million of their user database stored with sensitive customer information was compromised as a result of a massive security breach. The hackers responsible for this invasion of privacy are said to have access to customer IDs and passwords as well as encrypted credit card information including expiration dates and recent orders.
Brad Arkin, Chief Security Officer for Adobe products and services, recently stated in an official Adobe blogpost (http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html) that the investigators don’t believe the attackers removed decrypted credit or debit card numbers and that there is no increased risk to customers as a result of this incident.
Michael Good, CEO of New York based firm IT New York, who has recently spoken on cyber security issues regarding the Dalai Lama on websites like The Shanghaiist, explains a few reasons why the general public should be worried, and why he disagrees with Arkin's assessment of the damage the hackers have caused.
“It doesn’t matter whether the credit or debit card numbers were decrypted. Since the hackers had completely penetrated Adobe, the hackers figured out how the credit card information is encrypted. Sophisticated hackers, and even beginner hackers, plan on the credit card numbers being encrypted. Most people are aware that credit cards are encrypted. Using unique, or perhaps pre-written scripts or programs, the hackers have decoded the credit card numbers because they were stored in the cloud,” explains Good. He goes on to say that many IT New York associates and friends are reporting fraudulent charges to their credit cards and debit cards as an alleged result of the Adobe hack. “The nearly 3 million customers who are exposed through this breach of private information stolen by the hackers are already being maliciously used,” Good clarifies.
Additional issues are also surfacing amid the cyber security attacks. A fellow IT New York contractor, Blake Taricco details further, “When I'm on the main Photoshop page and try to create a new document, it opens a new document, closes the document, and then returns me to the main Photoshop page. It's been very frustrating. The scary thing is that it's hard to tell if this is a bug or part of a malicious attack.”
"Adobe stores credit card information instead of using it one time and then deleting it, the hackers wrote a script to decode the credit card information,” says Michael Good, CEO of IT New York. Brian Krebs and Alex Holden of Hold Security state that the a massive 40GB source code trove stashed on a server used by the same cyber criminals believed to have hacked into major data aggregators earlier this year, including LexisNexis, Dun & Bradstreet, and Kroll Background America. These appear to be the same cyber criminals who have created an encrypted channel of communications from within LexisNexis’s internal systems and had access to the company's internal networks for over 5 months. (http://uk.reuters.com/article/2013/10/04/us-adobe-cyberattack-idUKBRE99212Y20131004)
“Adobe may bank on the public naivety about encrypted credit card information as a preventative measurement to avoid being hacked,” say Michael, but, “real programmers and security experts know that Adobe Creative Cloud customers are at are severe risk of identity theft, fraudulent charges, and other harm.” One website, StudentCity.com, actually confessed to hackers stealing their clients credit card information and decrypting it. (http://www.databreaches.net/studentcity-com-hacked-hackers-decode-encrypted-credit-card-data/).
Good of IT New York goes on to say, “Adobe Creative Cloud users need to be vigilant in checking their credit card, debit card, bank, and email accounts. The Adobe Creative Cloud hack has much serious repercussions than Adobe has led the public to think. Adobe’s Head of Cyber Security, Brad Arkin saying that there is no "increased risk to customers as a result of this incident,” well, to be polite, I’ll just say that sounds a bit like rubbish in my humble opinion. The hackers have the source code to the Adobe Creative Cloud products and can do with it as they please. In other words, that they can find new vulnerabilities and disrupt your next Photoshop project for example, or do something more malicious programs that track everything you type, or backdoor Trojans (software that lets you control someone else's computer) on your computer via Adobe Creative Cloud products. It really is more of a threat than the watered down version we are getting back from Adobe’s team.”
Michael Good, who is an expert in web and cyber securities, also has a team comprised of Certified Ethical Hackers (CEH), Computer Hacking Forensic Investigators (CHFI), Certified Information Systems Security Professionals (CISSP), and Certified Information Systems Auditors (CISA). He is currently available for interview opportunities to discuss the Adobe hack in further detail. For all media, press, features, or special contributor opportunities please contact Royal Kingdom PR at 206-203-1818 or contact via email at royalkingdompr (at) gmail (dot) com or visit the IT New York’s website at http://www.it-newyork.com.
About IT New York:
IT New York formed in 2011 with offices in New York City, the D.C. Metro Area, and internationally in India was founded by serial entrepreneur Michael Good. IT New York is a full service information technology firm that provides tailored round-the-clock support software designing and development, web security, SEO services, marketing, and remote administration. IT New York boasts high profiled and lucrative clients such as software companies, hedge funds, venture capital firms, and marketing agencies. For more information on IT New York please visit http://www.it-newyork.com. Please direct all media/press inquiries to Royal Kingdom PR Agency, Inc. at royalkingdompr (at) gmail (dot) com or by phone at 206-203-1818.
Shay Brown, Publicist, Royal Kingdom PR Agency, Inc., http://www.it-newyork.com, +1 901-297-7048, [email protected]
Share this article