Adobe, one of the world’s largest software companies, is facing a severe security crisis. In a breaking development shaking the tech world, hackers successfully breached the company’s systems. A threat actor using the alias “Mr. Raccoon” is behind the attack, gaining access to sensitive databases and executing a massive data leak.

Adobe Systems Hacked: Support Tickets and Internal Docs Compromised

The scale of the leaked data is alarming. According to reports, 13 million customer support tickets containing personal user data have been leaked online. It’s not just customers who are affected; the hacker also seized records belonging to 15,000 Adobe employees. Additionally, the stolen data includes all HackerOne reports (which detail previously reported security vulnerabilities) and numerous internal company documents.

Details on how the attack unfolded have also come to light:

• The Entry Point: Mr. Raccoon breached the system through an India-based Business Process Outsourcing (BPO) provider.
• The Method: The process began by installing a remote access tool on an employee’s computer.
• Escalation: After gaining initial access, the hacker launched a phishing attack targeting the employee’s manager to escalate privileges and penetrate deeper into Adobe’s infrastructure.

“A Simple Request Allowed Everything to be Exported”

The hacker’s own statement regarding the system’s vulnerability highlights the gravity of the situation. Criticizing Adobe’s infrastructure, Mr. Raccoon claimed: “They allowed you to export all support tickets with a single request via just one representative account.” This basic export permission paved the way for millions of records to be stolen in seconds.