Gsquared Marketing, LLC
Random Bits

Important Lessons from the Adobe Hack

I received a letter from Adobe, dated October 11, 2013 advising I was one of many affected by a hack discovered on September 11th and 17th. It went on to say my name, login, password, and possibly credit card information had been compromised, but they “take the security of personal information seriously and deeply regret that this incident occurred.” I was advised I should change the passwords to my Adobe account and any other accounts using that same login information (email and password). They also offered a one-year subscription to Experian in order to monitor my credit rating, which is nice, but…

If you are not aware, Adobe Systems, Inc., is an American multinational computer software company headquartered in San Jose, California. There products include Photoshop, Illustrator, InDesign, Dreamweaver, Creative Cloud and Marketing Cloud.

I have 94 online accounts and know I should not use the same password, but I did. At least, it is alpha-numeric and always scores highly on the secure meter when signing up for new accounts. After my Lifelock membership sent me an email saying that the information hacked from Adobe is ‘for sale’ on the black market websites, I quickly set out to change all 94 account passwords. As nice as it was for Adobe to offer Experian, it would not have advised I was on the sale block. Lifelock is much more proactive and I’m happy I have it.

It took me an hour and half to make all the changes to my online accounts so I thought Adobe should reimburse me for my time. I am a freelance employee and my time is money. I contacted Adobe and spoke to Risu. I told her about my experience with Lifelock and the length of time it took to change my passwords. I politely asked if there was anyway I could be reimbursed for my time. We had difficulty understanding one another but I think I got that across, okay. She advised that there is no such recourse available and she would escalate my request to her manager. She finished by saying I should hear from her manager soon. That was five days ago and I have not heard a word. Nothing. Zip. Zilch. Nada.

After using Adobe for over 15 years, the proverbial needle burst my expectation bubble, big time. I expected to get stellar customer service from such a prestigious outfit with exceptional software. Instead, Adobe has completely dropped the ball. I plan to follow-up when I have some time to spare. I just think it reflects poorly on Adobe that I need to do the following up. Their processes should be in place so there are no cracks for me to fall in In addition, they and any other online companies needs to have a comprehensive plan BEFORE a hack happens which addresses:  a)those affected in a more empathetic manner than the form letter/email; b)sets compensation levels so that the first responder (Risu) is available to make decisions; and c)follow up with another form letter/email which addresses the lessons learned and measures they’ve put into place to protect my information. I will wait patiently on “c”.

I am not one to cast stones in one direction. There are things I could have done to alleviate the hour and a half it took to change my 94 passwords. In the future, I will use various alpha-numeric passwords so I’m not changing so many accounts when the next hack happens. It’s a fact of life, if you use the internet and have online accounts for email, shopping, pictures, software or anything else, a hack is going to get you. Be prepared and proactive. I’ve gotta go now, Yahoo just sent me a text. Someone is trying to hack in. They probably just bought me on the black market.

Here are some things you should already be doing to be proactive:

1. Use Alpha-Numeric passwords that make no sense–NO birthdays, dog names, wife names, cat names, kid names or 12345.

2. Keep your password list secure. There are tons of ‘password keeper’ apps, but if Adobe can get hacked, why can’t they? I choose to write down my passwords and keep the document in a secure but easily accessible location.

4. Beware the computer virus that tracks your keystrokes. Keyloggers are sometimes part of malware packages downloaded onto computers without the owners’ knowledge. Detecting the presence of a keylogger on a computer can be difficult. In case of keyloggers,  I change my passwords on my bank account, email, Facebook, Linkedin and other frequently used sites about every six months. I also use and update my virus software frequently.