Facebook users who used the same email and password on their Adobe and Facebook accounts have been offered a helping hand by Facebook itself, in the form of a block and forced password reset, in the wake of the recent massive breach at Adobe, which leaked private data for 38 million users.
The social network now blocks such accounts, and asks additional questions before forcing a password reset, according to The Verge.
Brian Krebs of Krebs on Security reports that the social network has mined data leaked from the recent breach to secure user accounts. Data from the breach is already available online.
Users who employed the same combination of email and password across both accounts are automatically locked out of their Facebook accounts, and asked additional questions before being granted access. Users are then asked to create a new password, The Verge reports.
Users are greeted with a warning message headed, “Someone May Have Accessed Your Account,” according to Engadget’s report. The message continues, “Recently, there was a security incident on another website unrelated to Facebook. Facebook was not directly affected by the incident, but your Facebook account is at risk because you were using the same password in both places. To secure your account, you’ll need to answer a few questions and change your password. For your protection, no one can see you on Facebook until you finish.”
Facebook did not confirm how many users were affected. The password information is available publicly on the internet via several password “dumps”.
“We actively look for situations where the accounts of people who use Facebook could be at risk—even if the threat is external to our service,” said spokesman Jay Nancarrow, speaking to Brian Krebs. “When we find these situations, we present messages like the one in the screenshot to help affected people secure their accounts.”
Adobe has admitted around 38 million active users may have had IDs and encrypted passwords accessed by unknown attackers in a breach earlier this year.
Previously, it had been estimated that around three million users had data accessed. Others have speculated the number affected may be much larger.
ESET Researcher Stephen Cobb described the breach as “unprecedented” at the time, due to the fact that attackers also appeared to have accessed source code for Adobe’s Acrobat software.
Krebs says, “It also appears that the already massive source code leak at Adobe is broadening to include the company’s Photoshop family of graphical design products.” The company now admits that “numerous” products were affected by the breach.
Many of the 38 million passwords accessed in the breach were extremely simple – and a security researcher claims that 1.9 million of these are the simple “123456”, as reported by We Live Security.
Half a million craftier customers chose “123456789”, according to a report by The Register, quoting researcher Jeremi Gosney, a self-styled “password security expert” who found the passwords in a dump online.
“Our investigation to date indicates that a portion of Photoshop source code was accessed by the attackers as part of the incident Adobe publicly disclosed on Oct. 3,” Adobe spokeswoman Heather Edell wrote. The company’s ColdFusion web application platform may also have been accessed.
ESET researcher Stephen Cobb says, “Access to the source code could be a major asset for cybercriminals looking to target computing platforms such as Windows or mobile operating systems such as Android.”
“So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users,” said Adobe spokeswoman Heather Edell.
“We have completed e-mail notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident — regardless of whether those users are active or not.”
“Adobe’s security team recently discovered sophisticated attacks on our network, involving the illegal access of customer information as well as source code for numerous Adobe products,” the company says. “We believe these attacks may be related. We are working diligently internally, as well as with external partners and law enforcement, to address the incident.”
Author Rob Waugh, We Live Security