According to Reuters, Adobe Systems Inc reported on Oct. 29, 2013 that the scope of a cyber-security breach disclosed nearly a month ago was far bigger than initially reported, with attackers obtaining data on more than 38 million customer accounts.

The company disclosed the breach on October 3, stating attackers took credit card information and other data from nearly 3 million customers’ accounts. Adobe also said that the hackers accessed an undisclosed number of Adobe IDs and encrypted passwords that were stored in a separate database. On Tuesday, it revealed that about 38 million records from that database were stolen.

On October 3, the company also reported that the attackers stole source code to three other products: Acrobat, ColdFusion and ColdFusion Builder.

Adobe spokeswoman Heather Edell said the software maker believes the attackers also obtained access to “many invalid Adobe IDs, inactive Adobe IDs, Adobe IDs with invalid encrypted passwords and test account data.”  She said the company is still investigating to determine how much invalid account information was breached and is in the process of notifying affected users.

Source: Reuters

Editorial Comment:  Adobe has sent letters dated October 15th to the affected accounts, yours truly included.  The company has engaged Experian offering a one year complementary use of Experian’s ProtectMyID Alert services.  The company recommends that one monitors accounts for incidents of fraud and identity theft, including reviewing account statements and monitoring of credit reports.  As a result of this unfortunate incident, yours truly spend more than two hours on preventative measures.