News is coming out today that the number of Adobe user accounts that were compromised, with stolen credit card and other personal details, is not the original 2.9 million users as first reported, or the 38 million users that we reported recently, but rather now over 150 million users.
Many Adobe users who had their accounts compromised are finding out not from Adobe, however. It seems Adobe is moving very slowly in notifying those affected users that they need to cancel credit cards, change passwords, etc.
Thankfully, password security firm LastPass is providing the service that Adobe hasn’t, allowing users to simply enter any email addresses they might have used with Adobe, and LastPass cross-references the email address to the list of compromised Adobe accounts.
If you email address is clean, the warning screen appears yellow, as seen above. If your email address/password/personal details have been compromised, the warning screen appears red, as seen below.
LastPass states they do not store any information, including your password, if you use their tool. Better safe than sorry.
NOTE: One of the HSW team members had their email address in the list and is now going through the headache of changing passwords and cancelling credit cards. (LastPass revealed that 644 other users in the Adobe database had the same exact password! So much for unique, when the HSW team member thought it was a really unique password! And LastPass provided the 154 password hints that were used with that associated password, which further confirmed that lack of uniqueness in the password. Our team members says, “Lesson learned: use a password that truly has numbers and symbols mixed and that lacks any meaning!”
Run any and all email addresses you have ever used with Adobe, including product registrations, through their tool. With 150 million compromised users, you don’t want to play the lottery on this one!