Software company Adobe said on Wednesday that the theft by hackers of data and customer credit card details earlier this month involved 38 million active users, far more than the 2.9 million initially reported.
Adobe, which makes and sells popular software such as Photoshop and Adobe Acrobat, said, the hackers gained access to the details after stealing Adobe IDs and encrypted passwords.
“We have completed email notification of these users,” Heather Edell, an Adobe spokeswoman, said in an email. The company also reset the passwords for all Adobe IDs that it believes were involved whether those users were active or not.
The company believes the attackers also obtained access to many invalid Adobe IDs, inactive Adobe IDs, Adobe IDs with invalid encrypted passwords and test account data. The process of investigating the number of inactive, invalid and test accounts was ongoing, Adobe said.
There has been no indication that any unauthorised activity has occurred on the Adobe ID accounts involved in the incident, Edell said.
Adobe, which issued a security alert about the theft on Tuesday, has said stolen passwords were encrypted. Security experts say the passwords can be cracked and sold on black market sites. There also are databases of common passwords available online that can be used to crack passwords.