Adobe Breach Allegedly Exposes 13 Million Support Tickets and Employee Records

Severity: Medium (Score: 57.8)

Sources: Cybersecuritynews, Cybernews, Gbhackers, Reddit

Summary

Cybersecurity analysts have reported an alleged breach at Adobe, purportedly executed by a threat actor known as 'Mr. Raccoon.' The breach may have exposed sensitive data, including 13 million customer support tickets and 15,000 employee records. The attacker claims to have accessed Adobe's helpdesk system through a compromised third-party business process outsourcing provider. Screenshots shared by the threat actor suggest access to internal documents and a Microsoft SharePoint instance. Adobe has not yet confirmed the breach, and the validity of the claims remains uncertain. Malware researchers suggest that the attacker likely used a remote access trojan (RAT) delivered via email. Customers who interacted with Adobe recently are advised to remain vigilant against potential phishing attacks. The full scope of the impact and the sensitivity of the data involved is still unclear. Key Points: • Alleged breach at Adobe involves 13 million support tickets and 15,000 employee records. • The attack is attributed to a threat actor named 'Mr. Raccoon' using a compromised BPO provider. • Adobe has not confirmed the breach, and customers are advised to be cautious of phishing attempts.

Key Entities

• Mr. Raccoon (apt_group)
• Data Breach (attack_type)
• Malware (attack_type)
• Phishing (attack_type)
• Adobe (company)
• Raccoon Stealer (malware)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1566 - Phishing (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• SharePoint (platform)