Adobe Systems

Ophthalmology and Dermatology patients affected by data breach

January 25th, 2015

Laptop has been reported missing from Riverside County Regional Medical Center (RCRMC) in California which led to the data breach. The affected individuals include approximately 7,900 ophthalmology and dermatology patients. The organization’s chief compliance officer, Jan Remm, said that the hospital wasted no time in informing local law enforcement.

“We are taking significant measures to safeguard patient privacy and to restrict unauthorized access to computers and devices that potentially contain patient data,” Remm said in a statement. “The privacy of our patients is a fundamental priority in our organization and part of our commitment to quality healthcare.”

The laptop was unencrypted. Remm stated that there will be in depth investigation of the problem. Notification letters are being mailed to potentially impacted patients. Affected information includes names, addresses, dates of birth, Social Security numbers and health plan policy numbers.

Remm believes that laptop was not stolen for the information it contained.  According to the press release:

Remm said the hospital has significantly strengthened its inventory controls to prevent future loss of electronic devices, while cyber-security experts are currently encrypting all the organization’s computers and laptops to safeguard patient data.

Patients concerned about whether their information was stored on the laptop are encouraged to contact the RCRMC confidential assistance line staffed with professionals familiar with this incident.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

 

Facebook alert its users following Adobe data breach

November 19th, 2013

Back in October, approximately 150,000,000 Adobe customer’s user information was compromised in a stupendous data breach. After such a massive damage to Adobe during security breach, Facebook users who use the same credentials as that of Adobe were asked by Facebook to take precaution so as to protect their information. Facebook’s security team is mining the data leaked from the Adobe breach to find users who are currently using the same password that they used for Adobe.

Facebook has locked the accounts of these users and the only way to unlock their account is by answering a few security questions and changing the compromised password. Facebook is telling such users that for their own sake, “No one can see you on Facebook until you finish.”

You may be wondering how Facebook is able to pinpoint which users are committing the security mistake of reusing passwords. The researchers at the social media website pass an Adobe

user’s recovered password through their hashing function, allowing them to see if the result matches what they have on record for that user. These actions show how the website is being proactive and responsible when it comes to users’ security and privacy.

This alertness by Facebook perfectly illustrates the importance of having multiple passwords and not reusing passwords on different sites, especially those which may have been compromised or leaked in the past. It is also critical to create strong and unique passwords that hackers will not be able to guess easily. Following these quick and easy password precautions will ensure your security and privacy on all of your favorite websites.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Adobe : 38 million accounts affected in data breach

October 31st, 2013

US-based Adobe Systems, which sells Photoshop and Acrobat software, told that accounts and passwords of 38 million users had been compromised by cyber criminals.

An Adobe spokesperson said “Our investigation has confirmed that the attackers obtained access to Adobe IDs and what were at the time valid, encrypted passwords for approximately 38 million active users”.

The California-headquartered firm said it has informed all the affected users and has reset their passwords.

As told by Adobe, the company faced two attacks from cyber criminals who stole credit card data of 2.9 million customers. Its security team had discovered the sophisticated attacks involving illegal access of customer information and source code of many Adobe products.

the spokesperson further added “We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident regardless of whether those users are active or not”.

Products made by Adobe are used by film and video makers, web and graphic designers, creative professionals, professional publishers, enterprises and individual consumers. The products are widely used on the Internet, including reading and viewing of documents.

Adobe users avail its various offerings through accounts for which they pay a particular fee depending on the services.

“Our investigation is still ongoing, and we anticipate the full investigation will take some time to complete,” the spokesperson said.

Geographies where the accounts had been compromised have still not been revealed. Adobe has offices in about 34 countries across North America, Asia, Australia and New Zealand, Europe, Middle East, Africa and South America.

It also has a significant presence in India with R&D offices in Bangalore and Noida and sales offices in Bangalore, Noida and Mumbai.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Adobe hack: 2.9 million customer data at risk

September 30th, 2013

As recently discovered by Adobe, it had suffered some sophisticated attacks on its network that lead to theft of 2.9 million customer’s personal information including payment card information and source code for multiple Adobe software products such as ColdFusion, ColdFusion Builder, Adobe Acrobat and some more.

Brad Arkin, chief security officer of Adobe said “Very recently, Adobe’s security team discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products. We believe these attacks may be related”.

Arkin further added “Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems. We deeply regret that this incident occurred. We’re working diligently internally, as well as with external partners and law enforcement, to address the incident”.

“Over 40 Gigabytes in encrypted archives have been discovered on a hackers’ server that appear to contain source code of such products as Adobe Acrobat Reader, Adobe Acrobat Publisher, and the Adobe ColdFusion line of products. It appears that the breach of Adobe’s data occurred in early August of this year but it is possible that the breach was ongoing earlier,” Hold Security, the security firm said in a post.

Adobe’s Arkin says the company is not aware of zero-day exploits or other specific threats to its customers due to the source code theft. “However, as always, we recommend customers run only supported versions of the software, apply all available security updates, and follow the advice in the Acrobat Enterprise Toolkit and the ColdFusion Lockdown Guide. These steps are intended to help mitigate attacks targeting older, unpatched, or improperly configured deployments of Adobe products,” he says.

All the Adobe customers who were affected by this data breach incident will be informed and adviced to change their password. Company is also alerting customers whose credit and debit card information was stolen. The news which brings some relief to the company is that the financial information was encrypted.

The company is working on “federal law enforcement” which would help them in investigation process of the hacks.

cybersecurity journalist Brian Kreb wrote on his blog, KrebsonSecurity.com, on Thursday that the two men discovered the code while investigating breaches at Dun & Bradstreet Corp, Altegrity Inc’s AGRTY.UL Kroll Background America Inc and Reed Elsevier’s LexisNexis Inc.

The hacking team’s server contained huge data of code that appeared to be source code for ColdFusion and Adobe Acrobat. Shortly after that discovery, KrebsOnSecurity shared several screen shots of the code repositories with Adobe.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Zero-Day Flaws in Adobe Reader, Acrobat

February 3rd, 2013

Adobe is warning that attackers are exploiting critical flaws in its PDF Reader and Acrobatsoftware to break into vulnerable systems, and that the exploit being used in attacks evades the sandbox protection built into these products.

The company issued an advisory about the threat on Wednesday, which confirms many of the details first disclosed by security firm FireEye earlier this week. FireEye has since posted a follow-up blog entry that sheds some additional light on how this attack works.

According to Adobe, there are two vulnerabilities in play here, and they exist in the latest versions of its software, including Adobe Reader and Acrobat XI (11.0.01 and earlier) for Windows and Macintosh, X (10.1.5 and earlier) for Windows and Macintosh, 9.5.3 and earlier for Windows and Macintosh, and Adobe Reader 9.5.3 for Linux.

Adobe says it is aware of reports that these vulnerabilities are being exploited in the wild in targeted attacks designed to trick Windows users into clicking on a malicious PDF file delivered in an email message. The software maker added that it is in the process of working on a fix for these issues.

In the meantime, Windows users of Adobe Reader XI and Acrobat XI can protect themselves from the security exploit by turning on Protected View, as follows: To enable this setting, choose the “Files from potentially unsafe locations” option under the Edit > Preferences > Security (Enhanced) menu.

For those spooked enough to avoid Adobe until a fix is available, there are several other free PDF reader programs available. I have been using Sumatra PDF for some time, and prefer it because it seems very lightweight and fast. Foxit Reader is another popular alternative.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta