Adobe on Thursday confirmed that malicious parties had compromised its networks and potentially gleaned credit card and other personal information from the accounts of nearly three million users.
The creative software company revealed the breach in a post to its official blog. Adobe's security team recently discovered a number of "sophisticated attacks" on its network, with some of those attacks targeting customer information and source code for several Adobe products.
In all, the attackers are believed to have stolen information on 2.9 million Adobe account holders. That data includes customer names, encrypted credit and debit card numbers, expiration dates, and other customer order information. Adobe does not believe that decrypted credit or debit card numbers were removed from the network.
Adobe has contacted federal law enforcement for help in the investigation and is resetting passwords for affected accounts in order to prevent further unauthorized access. Owners of affected Adobe ID accounts will receive an email notification from Adobe with information on how to change their passwords.
The company also recommends that account holders affected by the attack change their passwords on any website where they may have signed up with the same login credentials.
On its end, Adobe has spread news of the breach to banks that process its payments, and is coordinating with payment card companies and card-issuing institutions to help protect customers' accounts. In addition, the company is extending a free one-year credit monitoring membership to those customers whose information was compromised.