Adobe Systems Inc. said a cyberattack on its systems has exposed credit-card information of 2.9 million customers.
The maker of Photoshop and other software said Thursday that the attackers accessed Adobe customer IDs and passwords on its systems. Through that, they were able to remove customer names, encrypted credit- and debit-card numbers, expiration dates and other information related to orders from customers worldwide. The company does not believe attackers removed credit- and debit-card numbers that weren’t encrypted.
Adobe is notifying customers and resetting passwords. It has alerted banks processing Adobe payments to help protect customer accounts. It is also working with federal law enforcement on its related investigation.
“Cyber attacks are one of the unfortunate realities of doing business today,” Brad Arkin, Adobe’s chief security officer, wrote in a blog post Thursday. “Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers.”
The San Jose, Calif., company says it is also investigating illegal access to the source code of numerous Adobe products, and that it believes the attacks are related.
Adobe shares fell 64 cents to close at $50.88 Thursday, and were unchanged in after-hours trading.