Adobe Systems is of course the company behind Photoshop and Acrobat PDF Reader. It is the maker of some of the most popular software on the planet. As such, it was able to generate a massive account database of people downloading and installing its software. With such a market reach and such market power, you would expect that the company would be more proactive in ensuring that the identity and sensitive information of its member base would be protected from hackers.
Unfortunately, this doesn’t appear to be the case. According to LastPass, a security service specializing in password storage, over 152 million adobe system accounts has been found in a text file stored on a hacker form frequented by cyber criminals. If this is true and most of those accounts turn out to be legit, this can be a serious headache for Adobe Systems. I’m not trying to say that this might inspire a lawsuit or what but it will definitely erode the company’s online brand. Security breaches always have a tendency to knock companies off focus and blindside them and this recent revelation by LastPass has the ingredients to be such a case.
If the name LastPass seem familiar to you, it should. LastPass is one of the most popular Chrome and Firefox browser plug ins that allow people to store their passwords to many of the internet’s most popular websites. It helps make browsing the internet easier and more convenient because you don’t have to fish through text files to find the log in and password for your webmail and your other accounts online. If anybody would know the security ramifications of sensitive log in information being compromised, it would be LastPass.
To Adobe’s credit, it is saying that a lot of the Adobe IDs found by LastPass turned out to be fake. Be that as it may, even if a small fraction of these are active and real, that’s still too many. LastPass is saying that this problem might have occurred because Adobe was not salting the account info its members. Salting is when an account owner would create a log in and a password and the system would encode it. Prior to encoding, the system would add superfluous or extra characters to the credentials so that way, the credentials won’t look similar to each other. This is one crucial security step that according to LastPass, Adobe Systems forgot to do. It should be interesting how this plays out and what the fallout, if any, would be.