It’s been two weeks since I posted What Questions Should You be Asking About the Adobe Security Breach? Here’s an update on what’s been happening since then.
When Adobe ($ADBE) was attacked, the hackers stole customer information and source code from Adobe products. It was unclear exactly what would happen next. The stolen source code was the big cause of worry, and for good reason. On October 16, Brian Krebs reported that PR Newswire had been hacked and the breach could be linked to the same hackers who attacked Adobe; the stolen information from PR Newswire was found on the same server as the pilfered Adobe content.
The hackers seem to be targeting vulnerabilities they find within the stolen code. The prediction is that they’re sifting through the code, attempting to find widespread weaknesses, intending to exploit them with maximum effect by using zero-day attacks. Though we haven’t seen any huge ramifications from the breaches with Adobe and PR Newswire, we’re certainly not in the clear yet. The stolen information from PR Newswire could be used to release fake statements that could cause significant financial losses to many companies. False press releases could cause mayhem with stock prices for whoever hackers decide to target through PR Newswire.
The stolen information from Adobe could provide a wealth of potential cyber-attacks for hackers while the breached content from PR Newswire gives them easy targets. The attack on Adobe is serving as a stepping stone to other targets.