ID: IRCNE2012111678
Date: 2012-11-18
According to "techworld", Adobe has shut down Connectusers.com, a community forum site for users of its Adobe Connect Web conferencing platform, because the site's user database was compromised.
Earlier this week, a hacker named "ViruS_HimA" claimed that he hacked into "one of Adobe's servers" and copied a database containing email addresses, password hashes and other information of over 150,000 Adobe customers, partners and employees.
To support his claim, the hacker published a limited set of records for users with email addresses ending in adobe.com, .mil and .gov.
"As soon as we became aware of the hacker's post, we launched our investigation, which (based on the information leaked by the hacker) led us to determine that the hacker appears to have compromised the Connectusers.com forum site," said Wiebke Lips, Adobe's senior manager of corporate communications.
The hacker leaked 644 records, but he claimed to have accessed the entire forum database, Lips said. "The forum has a total of about 150,000 registered users.
"We are in the process of resetting the passwords of impacted Connectusers.com forum members and will reach out to those members with instructions on how to set up new passwords once the forum services are restored," Lips said.
Privat recommended that users should follow password best practices and use different log-in credentials across different services.
Based on an analysis of the leaked data, the password hashes - encrypted versions of the passwords - stored in the compromised Adobe database had been generated with MD5, a cryptographic hash function that's known to be insecure, said Tal Beery, a security researcher at security firm Imperva.
- 3