As a precaution, Adobe immediately reset passwords for all users whose current credentials (Adobe ID accounts with valid, encrypted passwords) were in the database that was taken by the attackers to help prevent unauthorized access to Adobe ID accounts. We sent email notification to these users with information on how to change their passwords. We recommend that customers change their passwords on any website where they may have used the same user ID and password.
We also notified customers whose credit or debit card information we believe to be involved in the incident. In addition to email notification, customers whose credit or debit card information was involved received a notification letter from us with additional information on steps they can take to help protect themselves against potential misuse of personal information about them. We also notified the banks processing customer payments for Adobe, so that they could work with the payment card companies and card-issuing banks to help protect customers' accounts.
We continue to work diligently internally, as well as with external partners, to address the incident. We contacted federal law enforcement and are continuing to assist in their investigation.