SolarWinds Vulnerability Impact Inquiry

Question

RE: SolarWinds Vulnerability Impact Inquiry

You may or may not be aware that a major security breach of a prominent sofware company, SolarWinds, occurred within the past few weeks. In the vein of due diligence for vendor security efforts, can I inquire whether Adobe Creative Cloud and/or any related services may have been impacted.

Are any SolarWinds products installed on servers and/or endpoints in your Adobe Creative Cloud environment?
Does Adobe user SolarWinds Orion platform in its environment or the services you provide related to Adobe Creative Cloud?
Have you performed due diligence to determine whether your organization or the services you provide have been impacted by the SolarWinds Security Advisory?
If your organization has been impacted, what mitigation steps and remediation timelines have been put in place?

Nancy OShea · Answer

The hack happened almost 12 months ago. And the main focus of the attack was government agencies that use SolarWinds IT management systems. Are you a gov't agency? Does your IT dept use SolarWinds systems?

https://whatis.techtarget.com/feature/SolarWinds-hack-explained-Everything-you-need-to-know

If you're a Teams/Enterprise plan holder you should be talking to your IT dept in consultation with your Team/Enterprise plan rep at Adobe.

Adobe rarely discuss matters like this in a public user forum. If & when there is anything official to say, they usually release a statement on their website and notify their customers directly.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded