Adobe Customer Service
A letter from Adobe. How nice. And it only took two weeks to arrive. I guess Adobe didn’t want to send me an email.
I own Photoshop and Lightroom. Or at least I used to own Photoshop and Lightroom. Now I rent the software from their Creative Cloud service.
When I first purchased from Adobe, I was required to provide them with my credit card information. Adobe assured me that it was a safe thing to do. These were their words:
Your information is secure with Adobe and Digital River, the approved e-commerce partner for the Adobe Store.
All online credit card sales are secured with SSL technology, the most secure encryption technology currently available for electronic transactions.
Wait a minute. This doesn’t line up with their letter:
We believe that the third party likely took from our systems certain customer names, payment card expiration dates, encrypted payment card numbers, and other information relating to customer orders.
“We believe”? “Likely took” Corporate doublespeak. Why not just tell the truth: We at Adobe were hacked and your information was taken.
Surely the encrypted credit card data is still secure with Adobe?
We have not been able to determine that any decrypted card numbers were taken as a result of this access to our systems.
Okay. More corporate doublespeak. So does that mean my credit card information is still secure?
We recommend that you monitor your account for incidents of fraud and identity theft including regularly reviewing your account statements and monitoring credit reports. If you discover any suspicious or unusual activity on your account or suspect identity theft or fraud, you should report it immediately to your financial institution.
Hackers were able to steal the source code for some of the Adobe products and access the records of almost 3 million customers after breaking into its systems. The breach is much higher perhaps as high as 150 million customers. I received emails from several other services telling me that my Adobe login credentials were contained on the list of breached accounts. I heard from them long before I heard from Adobe.
I’ll save everyone the trouble. Here was my old Adobe ID password:Â qMwG22GcmVnk
It was a unique password associated with one of my email addresses but not used anywhere else. I turfed that one as soon as I learned about the breach and put in another one. And this time I went with a 28-character password. A real tough one. Then I spent several hours going through about 100 other logins used by one of my email addresses to change about 100 equally cryptic and unique passwords to a set of new equally cryptic and unique passwords.
Why? Well, I thought it was appropriate to do a rotation knowing that one of my accounts with that email address had been compromised.
Better safe than sorry.
Thanks to Dave Teare and his team at AgileBits, I sleep soundly knowing that I have a good set of strong and unique passwords. 1Password is an awesome program and highly recommended. By using 1Password I don’t have to worry about hack companies like Adobe being unable to keep my credentials secure. 1Password makes it easy for me to create unique and strong passwords for every one of my accounts.
Although for now I’ll be watching my credit card statements for any unusual transactions.
I’ve been wary of the security measures associated with online transactions for a few years now. I used my personal solution as the topic for a blogging contest entry in 2011.
The article is still bona fide today, and had some renewed interest recently with the issues around processing credit card orders for the Kingston Penitentiary tours.
The card is still offered (now with a $6.95 annual fee) and is treated just like any regular bank credit card.
Unfortunately, my blog submission didn’t win… but then again “moneyville” isn’t on the virtual map anymore. 🙂 Here’s the link to my copy:
I received a similar letter, although mine was addressed to me. Monitoring my credit card account I noticed someone spent a lot of money on camera equipement. I’m going to have t look into this.
Er… you may notice a charge for a Nikon Df camera but there is no reason to conclude that the someone might have been me.