Adobe’s Servers Were Hacked – Your eBookstore Accounts Might be Affected

adobe-logoIf you got an email from Adobe this weekend with a subject line that mentioned something about a password, I suggest that you take it seriously.

That email wasn’t a phishing attempt or some attempt to trick you; Adobe revealed late last week that they had suffered a security breach which affected up to 2.9 million customer accounts:

Cyber attacks are one of the unfortunate realities of doing business today. Given the profile and widespread use of many of our products, Adobe has attracted increasing attention from cyber attackers. Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related.

I haven’t bought anything from Adobe so I haven’t given Adobe any credit card info, but I still got an email on Saturday. I am taking it seriously, and so should you.

If you have ever downloaded a DRMed Epub ebook and then transferred it from your computer to another reading app or ereader then you have probably used your Adobe ID somewhere in the process. This ID consists of an email and password, and it is this info that may have been compromised when Adobe’s server’s were hacked.

And now that password may or may not be in the hands of a hacker.  This is no reason to panic, but a prompt response is warranted. I suggest that you read the email from Adobe and follow the instructions. I don’t think it’s very likely that your financial info will be compromised but I also believe that it is better to be safe than sorry.

Update: And while you’re at it you might want to also consider whether you also used the same password/email combination on other sites. You should change those as well, especially if they have credit card or other payment info attached. Thanks, Alexander, for the suggestion!

P.S. I know that many in the anti-Amazon crowd like to talk about how the Epub ebook market is not locked down to a particular ebookstore, but the reality is that all the ebookstores, apps, and ereaders that support Adobe DE DRM all have the same weakpoint: Adobe. Tell me, how exactly is this better than being locked to a single ebookstore?

8 thoughts on “Adobe’s Servers Were Hacked – Your eBookstore Accounts Might be Affected

  1. I got that email too.

    re: “all the ebookstores, apps, and ereaders that support Adobe DE DRM all have the same weakpoint: Adobe”

    Kobo doesn’t use Adobe except for side-loading Kobo purchased epubs. If you simply buy Kobo books, read them directly on Android, iOS, Blackberry tablet or smartphone apps or on a Kobo ereader, you don’t need an Adobe account.

    I think the main risk in the Adobe breach is that some people (not pointing fingers, mind you) use the same email address and password in multiple places. So, who knows? Perhaps your email and password for Amazon account is the same as Adobe Reader ….

    1. My postscript also referred to the fact that if you want to strip the DRM off your Kobo ebooks you first need to download the Epub and then crack the Adobe DRM. That means that the kobo ebookstore shares the same vulnerability as other Epub ebookstores.

    1. You are aware that for both EPUB with DRM and Kindle-Books with DRM you can easily strip it? So Bezos does not lock up books anymore than Adobe & Co. And after stripping DRM you can convert it in the needed format for your reader.
      And it is not Bezos (Amazon) who is responsible wether a book is DRM-infected or not, Amazon has sold me a few books without DRM. As with EPUB at fault is the publisher.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>