Adobe is currently investigating reports of a compromise of a forum database. These reports first started circulating late during the day on Tuesday, November 13, 2012. At this point of our investigation, it appears that the forum site was compromised by an unauthorized third party. It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted. You can read more in our public blog post.

How do I know if I or my organization are affected?

This issue only affects users who have an account on the forum. Users who have not registered on this community forum will not be affected.

What is the forum? is a public forum site used for individuals to discuss different topics and exchange ideas about the Adobe Connect product. It is not related to any Adobe Connect production system or any other Adobe services, and user credentials are not linked to an AdobeID.

Were the Adobe Connect Web conferencing services or other Adobe Services compromised?

It does not appear that any other Adobe services, including the Adobe Connect conferencing service itself, were impacted.

What is the extent of the compromise?

644 records were leaked by the hacker. However, the hacker claims that he accessed the entire forum database. The forum has a total of about 150,000 registered users. The records included the following:

  • First Name
  • Last Name
  • Title (If provided by the user)
  • Email
  • Company (if provided by the user)
  • User Name
  • Hashed Password

While the leaked records included a phone number field, the phone number was generally not collected from the user.

Within the leaked records, there were .gov and .mil email address. How many .gov or .mil records have been exposed?

Out of the 644 leaked records, 442 had a .gov or .mil email address. Within the database, out of 150,000 records, fewer than 700 had a .gov or .mil email address.

What steps did Adobe take to address the compromise?

Adobe first learned of the compromise late in the day on Tuesday, November 13, 2012. We immediately launched an investigation and took the following actions:

  • The forum site was taken offline in the evening of Tuesday, November 13, 2012.
  • We reset the passwords of impacted forum members and reached out to those members to alert them of the compromise.
  • As a precaution, we reset the passwords for those users who were using the same email address as login credentials across multiple Adobe sites and services, including Adobe Connect. We reached out to those users impacted with instructions on how to change their passwords. Even though we do not have reason to believe any of these services were impacted, we took this step because some users may use the same or similar login credentials for multiple sites and services.

What has Adobe done with

We have taken down the site as a precaution while we complete our investigation of this incident. We are working diligently to restore forum services as quickly as possible.

What will happen when comes back online?

Immediately after temporarily suspending the site, Adobe communicated directly to all impacted users that their passwords were reset by Adobe. When the site comes back online, all users of will need to personally select new passwords. Further instructions will be provided directly to those users.

Is Adobe able to confirm how the attacker got in—whether it was a vulnerability in the server software?

We are still investigating how the compromise occurred.

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy