A massive data breach at Adobe was executed by threat actor Mr. Raccoon after compromising an Indian BPO partner, resulting in the exfiltration of 13 million customer support tickets, 15,000 employee records, HackerOne submissions, and internal documents. The attacker used a Remote Access Tool to take over an employee workstation, performed an upward phishing attack to gain elevated access, and exploited the support portal’s lack of rate-limiting to bulk-export data. #MrRaccoon #Adobe
Keypoints
- Mr. Raccoon breached Adobe by targeting a third-party BPO in India.
- A Remote Access Tool delivered via phishing gave the attacker full control of an employee workstation.
- An upward phishing attack against a manager provided the elevated credentials needed to access Adobe systems.
- The support portal lacked rate-limiting or bulk-export protections, enabling mass data exfiltration.
- Exfiltrated data include 13 million support tickets, 15,000 employee records, HackerOne submissions, and internal documents.
Read More: https://securityonline.info/adobe-data-breach-mr-raccoon-bpo-supply-chain-leak/