Thursday, November 7, 2013

Adobe Email/Password Hack Up To 150 Million - Tool To Check If Yours Was Compromised

Were you one of those lucky ones to have your account compromised in the Adobe hack?  I was. Thankfully I received an email from Adobe alerting me to the fact so I was able to immediately change my password, but many people were not and they have remained blissfully ignorant. And now it turns out there might have been many more accounts compromised than previously thought. 

Initially only 2.9 million users were estimated to have been hacked, then it jumped to 38 million, now they think it could be a whopping 150 million. That's 150 million user names and passwords out there ready to be used by some reprobate criminal. 

If you haven't been notified you should still check, and there's an easy way to do that. LastPass has created a free tool that will let you know if your account was hacked, and notify you of how many people had the same password as you.  I decided to check, just for the heck of it, and as expected mine had been hacked.  What shocked me, however, was that my password, one that I thought was pretty dang unique, was used by 73 other people. May not seem like many, when you consider there were so many people effected, but still.  Now I need to purge that password from any other account I might be using it with.

Petapixel (source of this post) reminds everyone about Adobe's advice to account holders:

It’s more important than ever that you heed the initial advice Adobe doled out: change your password (all of them if you tend to use the same one on multiple accounts) and check your bank and credit card accounts often over the next few months.

Oh, and here’s another sad tidbit that has come to light thanks to the Adobe hack: the three most popular passwords used by the Adobe users who were hacked are “123465″, “123456789″ and “password” — with security like that, who needs encryption!

NakedSecurity (Sophos AV) has information on the Adobe hack, and how woefully inadequate  it was.

Last Pass Secure Tool to check if your email was hacked.

No comments: