The number of hacked accounts worldwide equates to the population of California, where Adobe is based.
Earlier this month, Adobe said that the attack affected 2.9 million Adobe customers.
In the statement (see below), Adobe says that, so far, there is no indication that affected accounts have been subjected to ‘unauthorised activity’.
However, Adobe still refuses to say how many UK-based users have been hit, telling Amateur Photographer: ‘We have not detailed country-specific figures.’
Full Adobe statement sent to Amateur Photographer:
‘So far, our investigation has confirmed that the attackers obtained access to Adobe IDs and (what were at the time valid), encrypted passwords for approximately 38 million active users. We have completed email notification of these users. We also have reset the passwords for all Adobe IDs with valid, encrypted passwords that we believe were involved in the incident – regardless of whether those users are active or not.
‘We believe the attackers also obtained access to many invalid Adobe IDs, inactive Adobe IDs, Adobe IDs with invalid encrypted passwords, and test account data. We are still in the process of investigating the number of inactive, invalid and test accounts involved in the incident. Our notification to inactive users is ongoing.
‘We currently have no indication that there has been unauthorized activity on any Adobe ID account involved in the incident.’