Adobe Systems said Thursday that hackers had accessed personal data for nearly 3 million of its customers.
Brad Arkin, Adobe's chief security officer, wrote in a blog post that the hackers had removed data including encrypted credit- and debit-card numbers, but that the company does not believe any decrypted numbers were taken.
The attackers "removed from our systems certain information relating to 2.9 million Adobe (ADBE) customers, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders," Arkin wrote. The company is in the process of notifying customers whose card information was involved in the incident, and is resetting the relevant customer passwords.
The hackers also took source code for a number of Adobe products, Arkin said.
"We're working diligently internally, as well as with external partners and law enforcement, to address the incident," he wrote.
Brian Krebs, author of the respected security blog Krebs on Security, wrote that the attackers appeared to be the same group responsible for attacks earlier this year on data aggregators LexisNexis, Kroll and Dun & Bradstreet.