Today, Krebs on Security reported that publicity service PR Newswire was hacked in March 2013. But more interestingly, this hijacked data has surfaced on the same Internet servers where stolen Adobe Systems source code and customer data was recently found.
The location of this lifted PR Newswire data suggests that the same black hats may be behind both hacks. Brian Krebs confirmed the data (usernames and encrypted passwords) with PR Newswire, and the company will start contacting customers about password changes today. PR Newswire told Krebs its investigation into the data is still in progress, but early indications are that the breach affected customers in Europe, the Middle East, Africa, and India in particular.
Krebs and collaborator Alex Holden, chief information security officer at Hold Security LLC, found no evidence of abuse with the stolen data at this time. However, the duo notes that PR Newswire's clientele could be potentially very lucrative targets for hackers to use to manipulate financial markets.