Some of you may have heard in the news recently that Adobe has had a security breach. This may affect patrons who use the Ohio eBook Project, since Overdrive relies on Adobe IDs to authenticate users through the Overdrive Media Console App as well as Adobe Digital Editions.
Since Adobe does not collect credit card information to register for an Adobe ID, the risk is minimal. However, you may be contacted by Adobe to reset your Adobe ID. Adobe is encouraging affected users to reset their passwords on other services/applications if they’ve used the same user ID and password as they use with Adobe.
In a press release, Adobe announced:
- As a precaution, we are resetting relevant customer passwords to help prevent unauthorized access to Adobe ID accounts. If your user ID and password were involved, you will receive an email notification from us with information on how to change your password. We also recommend that you change your passwords on any website where you may have used the same user ID and password.
- We are in the process of notifying customers whose credit or debit card information we believe to be involved in the incident. If your information was involved, you will receive a notification letter from us with additional information on steps you can take to help protect yourself against potential misuse of personal information about you. Adobe is also offering customers, whose credit or debit card information was involved, the option of enrolling in a one-year complimentary credit monitoring membership where available.
- We have notified the banks processing customer payments for Adobe, so that they can work with the payment card companies and card-issuing banks to help protect customers’ accounts.
- We have contacted federal law enforcement and are assisting in their investigation.
Here are a few important things to be aware of (from Overdrive):
- Re-activation of previously authorized Adobe Digital Editions (ADE) and OverDrive Media Console (OMC) will NOT be required in order to maintain access to DRM protected Adobe eBooks or to download new ones, even if users have since changed the password on their Adobe ID.
- New activations of ADE and OMC will not be possible until the user has reset their password with Adobe (so they can use a known good password to authenticate) since Adobe has reset everyone’s existing password.
- Users can choose to de-authorize ADE or OMC and re-authorize with their new password; however, that is not necessary or recommended.
- Users who have changed their Adobe ID password and wish to also update their passwords on OMC should be able to do this. Changing passwords periodically and using different passwords for different accounts are good security practices.
- Overdrive does not store emails or passwords for the Adobe ID, but does use emails that have been registered for an OverDrive ONE account. Users can reset their OverDrive ONE password by using the ‘forgot password’ link or by logging in and using the “Settings” panel. Users that have registered for OverDrive ONE using their Facebook account will have to re-authenticate OverDrive ONE in OMC if they have also updated their Facebook email or password.
Here’s how to contact Adobe:
Adobe Live Chat: http://www.adobe.com/support/chat/ivrchat.html
Adobe Contact Page: http://helpx.adobe.com/contact/
Here’s more information about Adobe’s security breach: