Software giant Adobe on Wednesday confirmed claims by a self-proclaimed “Egyptian” hacker to have compromised a user support forum frequented by customers of its Connect web conferencing technology, stealing user account information and posting some of it online.
Adobe’s Director of Connect, Guillaume Privat, acknowledged in a blog post on Wednesday that the compromise of the Connectusers.com forum by an “unauthorized third-party” was for real and that the company has disabled the forum while it investigates the incident.
The breach was first disclosed on Tuesday when a hacker calling himself “ViruS_HimA” posted what appeared to be account e-mail and password information online through web sites like pastebin.com and sendspace.com. The hacker claimed to have compromised a database server used to maintain the Connnectusers.com forum and downloaded information on 150,000 account holders, including the users names, login IDs, hashed password values, employer and e-mail address.
The motive for the hack was to show up what “ViruS_HimA” said were poor IT security practices at Adobe. In particular, he called out lax patching, suggesting that the compromise came by way of an exploit of a known vulnerability in the server software.
In acknowledging the breach, Privat said that a company investigation suggests that it was limited to the Connectusers.com forum and doesn’t affect any other company services. Adobe is resetting passwords for Connectusers.com accounts that were exposed in the breach. The company said it will contact any users whose passwords were reset.
“We sincerely apologize for the inconvenience this may cause to our forum members. Your security is of critical importance to us, and we appreciate your patience as we work towards restoring Connectusers.com forum services.”
As with any breach of a high-profile software publisher, the leak of e-mail addresses and password hashes from Connectusers.com sets the stage for follow-on attacks against members of that forum, which included accounts linked to both the U.S. government and military, as well as Adobe itself. Password re-use between online accounts is common, and Adobe encouraged forum users to maintain separate login credentials for different online services.