Machine Learning Authors: Yeshim Deniz, Zakia Bouachraoui, Pat Romanski, Elizabeth White, Liz McMillan

Blog Feed Post

The widening Adobe breach

Like many of you, I heard last month about the Adobe breach and didn’t give it much mindshare. Turns out things keep getting worse, and I was foolish to ignore what happened. Mea culpa. Here is a catch-up column along with lotsa links that go into further details, and why you should be worried.

adobeWhen I first heard about it, I thought: I don’t have anything to worry about. I am not a user of their products. And then I thought, so big deal: a few emails and passwords released to the bad guys. Wrong, wrong and wrong.

First of all, it now turns out there are 130 million email-password combinations that can be used for all sorts of mischief. And my name is most certainly in that list, mainly because somewhere along the line I did register for something that Adobe now owns. So is yours in all probability. The file includes both active members and inactive names. Who knew that Adobe kept the inactive accounts around?

Second, security researchers have been data mining the list and have come up with ways to figure out what the passwords are, so you can bet the bad guys are actively downloading the list and doing the same. Because of the large amount of data, it is fairly easy, based on the password hints which are also part of the file, to crack the very weak methods (I hesitate to call this encryption, because it almost like using a simple substitution code) that Adobe used. One author has published the more popular passwords that show up in the file: ‘123456’ seems to be one password that will never go out of style, having shown up almost 2 million times!

Third, other site operators such as Facebook (how ironic!), Eventbrite and even Diapers.com (yes, that is a real site) have already jumped in and sent emails to their users warning them to change their account passwords. This is  because there is a good chance that you used the same password to login to their services. I got one of those emails but somehow deleted it unread last week.Boo-hoo for me.

At least Adobe is asking you to change your account password when you do finally check in. Thanks Adobe, that was a nice touch and the least that you could do..

Finally, there is some chatter that credit card information also might be stored as poorly as the passwords. I don’t think that I ever gave Adobe this data but given the state of my memory, I can’t be sure.

So take the time to change your accounts with passwords that you might have shared with Adobe, either by intent or by accident, before someone starts using one of them for nefarious purposes. While you are changing things, use a password manager and stronger passwords too. And you might want to audit your Facebook, Twitter and LinkedIn accounts as I mention here to ensure that the apps that can access these accounts are still what you wish.

The links to the numerous stories and specifics can be found below:

Read the original blog entry...

More Stories By David Strom

David Strom is an international authority on network and Internet technologies. He has written extensively on the topic for 20 years for a wide variety of print publications and websites, such as The New York Times, TechTarget.com, PC Week/eWeek, Internet.com, Network World, Infoworld, Computerworld, Small Business Computing, Communications Week, Windows Sources, c|net and news.com, Web Review, Tom's Hardware, EETimes, and many others.

CloudEXPO Stories
DevOpsSUMMIT at CloudEXPO, to be held June 25-26, 2019 at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Among the proven benefits, DevOps is correlated with 20% faster time-to-market, 22% improvement in quality, and 18% reduction in dev and ops costs, according to research firm Vanson-Bourne. It is changing the way IT works, how businesses interact with customers, and how organizations are buying, building, and delivering software.
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
It cannot be overseen or regulated by any one administrator, like a government or bank. Currently, there is no government regulation on them which also means there is no government safeguards over them. Although many are looking at Bitcoin to put money into, it would be wise to proceed with caution. Regular central banks are watching it and deciding whether or not to make them illegal (Criminalize them) and therefore make them worthless and eliminate them as competition. ICOs (Initial Coin Offerings) are something most have no idea as to what it means and how you utilize it. Where is the "Stamp of Approval" or "Stamp of Legitimacy" on some of these Bitcoin websites (how do you know you are not dealing with a scammer?)
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a member of the Society of Information Management (SIM) Atlanta Chapter. She received a Business and Economics degree with a minor in Computer Science from St. Andrews Presbyterian University (Laurinburg, North Carolina). She resides in metro-Atlanta (Georgia).