It looks like Adobe is finally contacting folks about their massive data loss. Considering it was revealed on October 3, that makes over two months. (Likely longer since Adobe did not know about it for months).
Fortunately, Adobe was following "best practices".... Oh wait, according to Schneier and others, they were not [0,1]. How's that for corporate responsibility..... The executives at Adobe will probably give themselves bonuses for a job well done. [0] https://www.schneier.com/blog/archives/2013/11/cryptographic_b.html [1] http://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/ ---------- Message headers ---------- Delivered-To: [email protected] Received: by 10.220.10.8 with SMTP id n8csp284786vcn; Wed, 4 Dec 2013 09:14:17 -0800 (PST) X-Received: by 10.52.74.74 with SMTP id r10mr3646vdv.78.1386177257251; Wed, 04 Dec 2013 09:14:17 -0800 (PST) Return-Path: <bounce-62_html-169942194-272861-1324723-1...@bounce.mail.adobesystems.com> Received: from mta3.mail.adobesystems.com (mta3.mail.adobesystems.com. [68.232.207.54]) by mx.google.com with ESMTP id sl9si18323867vdc.21.2013.12.04.09.14.16 for <[email protected]>; Wed, 04 Dec 2013 09:14:17 -0800 (PST) Received-SPF: pass (google.com: domain of bounce-62_html-169942194-272861-1324723-1...@bounce.mail.adobesystems.com designates 68.232.207.54 as permitted sender) client-ip=68.232.207.54; Authentication-Results: mx.google.com; spf=pass (google.com: domain of bounce-62_html-169942194-272861-1324723-1...@bounce.mail.adobesystems.com designates 68.232.207.54 as permitted sender) smtp.mail=bounce-62_html-169942194-272861-1324723-1...@bounce.mail.adobesystems.com; dkim=pass [email protected]; dmarc=pass (p=NONE dis=NONE) header.from=mail.adobesystems.com DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=200608; d=mail.adobesystems.com; h=From:To:Subject:Date:MIME-Version:Reply-To:Message-ID:Content-Type:Content-Transfer-Encoding; [email protected]; bh=SlCDhFAVlbPLga27/9LPR+3U2Sk=; b=QHsl8/wPCIW+Qwt3GuT739mo0babgmXgx6mXzXrCXV/QGTu2zoW88wfXaUHeRlCHUBKt4suoQcFg ZaKmm0TdlQrKvGZalIxZ/QEy12d6/b/h2fzQuQZfE55/sMI6PsHbqRsjRuXOeq9jTqmJ1Nxiso1H Ssu3VxzluvyjoS2c/hA= DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=200608; d=mail.adobesystems.com; b=n5BAcsY59b7ghk9pg0+1htbmjtBWmMr72T/HuVgMWMopbqRNpmWbHNmOlQxBSZkM3pW/pWh1cugn UT5UxP5k6vWTO+f7IQTCdRECehFir5eGHR4D1rbZv01g+/5DTfQR1pfCOLRJm57S3Hyui4u/CMT2 okb40wS/g0kvcNzt6VY=; Received: by mta3.mail.adobesystems.com id hjthei163hsr for <[email protected]>; Wed, 4 Dec 2013 10:45:55 -0600 (envelope-from <bounce-62_html-169942194-272861-1324723-1...@bounce.mail.adobesystems.com>) From: "Adobe Customer Care" <[email protected]> To: <[email protected]> Subject: Important Password Reset Information Date: Wed, 04 Dec 2013 10:45:53 -0600 MIME-Version: 1.0 Reply-To: "ExactTarget Reply Mail Management" <reply-fec51677776c027c-62_html-169942194-1324723-1...@mail.adobesystems.com> x-job: 1324723_272861 Message-ID: <[email protected]> Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: 8bit ---------- Forwarded message ---------- From: Adobe Customer Care <[email protected]> Date: Wed, Dec 4, 2013 at 11:45 AM Subject: Important Password Reset Information To: [email protected] Important Password Reset Information [image: Adobe] Read online<http://view.mail.adobesystems.com/?j=fec51677776c027c&m=fe9915737760037f76&ls=fe2c16737c61017d771273&l=ff971272&s=fe2215767c6d007f741d74&jb=ff2e1571726c&ju=> [image: Adobe] *Important Password Reset Information * *To view this message in a language other than English, please click here <http://www.adobe.com/go/ncc-email>.* As we announced on October 3, 2013, we recently discovered that an attacker illegally entered our network and may have obtained access to your Adobe ID and encrypted password. We currently have no indication that there has been unauthorized activity on your account. To prevent unauthorized access to your account, we have reset your password. Please visit *www.adobe.com/go/passwordreset* to create a new password. We recommend that you also change your password on any website where you use the same user ID or password. In addition, please be on the lookout for suspicious email or phone scams seeking your personal information. We deeply regret any inconvenience this may cause you. We value the trust of our customers and are working aggressively to prevent these types of events from occurring in the future. If you have questions, you can learn more by visiting our Customer Alert page, which you will find here<http://www.adobe.com/go/customer_alert>. Adobe Customer Care Adobe, the Adobe logo and Adobe PDF logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners. ©2013 Adobe Systems Incorporated. All rights reserved.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
