According to Reuters, Adobe Systems Inc reported on Oct. 29, 2013 that the scope of a cyber-security breach disclosed nearly a month ago was far bigger than initially reported, with attackers obtaining data on more than 38 million customer accounts.
The company disclosed the breach on October 3, stating attackers took credit card information and other data from nearly 3 million customers’ accounts. Adobe also said that the hackers accessed an undisclosed number of Adobe IDs and encrypted passwords that were stored in a separate database. On Tuesday, it revealed that about 38 million records from that database were stolen.
On October 3, the company also reported that the attackers stole source code to three other products: Acrobat, ColdFusion and ColdFusion Builder.
Adobe spokeswoman Heather Edell said the software maker believes the attackers also obtained access to “many invalid Adobe IDs, inactive Adobe IDs, Adobe IDs with invalid encrypted passwords and test account data.” She said the company is still investigating to determine how much invalid account information was breached and is in the process of notifying affected users.