Security Protection – Harry Waldron MVP Rotating Header Image

Adobe – Password Database breach impacts 230 users

Almost every month, new online password breaches are reported.  In this case, a relatively small group of users were impacted.  As noted, strong passwords and periodic changes are best practices that can help mitigate these attacks

https://isc.sans.edu/diary.html?storyid=14515

https://blogs.adobe.com/adobeconnect/2012/11/connectusers-com-forum-outage-following-database-compromise.html http://arstechnica.com/security/2012/11/adobe-breach-reportedly-spills-easy-to-crack-password-hashes/

QUOTE: Adobe has revealed that apparently a password database was compromised via a SQL injection attack. Ars Technica reports that the passwords were hashed using MD5 (not clear whether they were salted or not). Do we really need to remind you what constitutes a strong password and not to reuse them?  Adobe officials are investigating the breach of an online user forum related to its Connect conferencing software following a report that 230 names, e-mail addresses, and cryptographically hashed passwords were leaked online.

Some previous password diaries that might be of interest:

Potential leak of 6.5+ million LinkedIn password hashes

Critical Control 11: Account Monitoring and Control

Theoretical and Practical Password Entropy

An Impromptu Lesson on Passwords

Password Rules: Change them every 25 years (or when you know the target has been compromised)

Comments are closed.