This is … bad! Especially if email addresses were part of the data accessed (and that's highly likely). Even though the passwords were encrypted, it's often not hard for hackers to decrypt a number of them. If they do – they'll have millions of email addresses and passwords to try in all sorts of places. Breaches like this are why using the same password all over is bad – one place gets breached and hackers can possibly access all sorts of things.


Adobe breach THIRTEEN times worse than thought, 38 million users affected
nakedsecurity.sophos.com
Adobe originally estimated that the breach affected around 2.9 million users. As it turns out the number is actually 38 million, with the information taken including Adobe IDs, encrypted passwords,…