Hackers reportedly hit 38 million Adobe accounts than the 2.9 million originally thought The Telegraph reported Wednesday.
"We have completed email notification of these users," Adobe spokeswoman Heather Edell said in a statement The Telegraph reported. "We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident -- regardless of whether those users are active or not. We are still in the process of investigating the number of inactive, invalid and test accounts involved in the incident," she said. "Our notification to inactive users is ongoing."
Hackers also acquired invalid Adobe IDs, inactive Adobe IDs, Adobe IDs with invalid encrypted passwords and information about test accounts the blog Krebs On Security reported. Hackers also reportedly got a hold of source codes for at least two of the software company's major products.
"We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders," Adobe chief security officer Brad Arkin said in a statement on the company's website Oct. 3 when the news first came out. "At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems."
The breach was found by Adobe's security team on the company's network, and may be connected.
"The far more worrying story is that hackers apparently have obtained 40 gigabytes of Adobe source code, which may include Adobe's most popular products, Adobe Acrobat and ColdFusion," Aaron Titus chief privacy officer at Identity Finder told USA Today. "Security professionals in organizations around the world should be on high alert for an increase in Acrobat-related attacks as hackers analyze the code for possible zero-day exploits."
