You may or may not be aware that a major security breach of a prominent sofware company, SolarWinds, occurred within the past few weeks. In the vein of due diligence for vendor security efforts, can I inquire whether Adobe Creative Cloud and/or any related services may have been impacted.
Are any SolarWinds products installed on servers and/or endpoints in your Adobe Creative Cloud environment?
Does Adobe user SolarWinds Orion platform in its environment or the services you provide related to Adobe Creative Cloud?
Have you performed due diligence to determine whether your organization or the services you provide have been impacted by the SolarWinds Security Advisory?
If your organization has been impacted, what mitigation steps and remediation timelines have been put in place?
The hack happened almost 12 months ago. And the main focus of the attack was government agencies that use SolarWinds IT management systems. Are you a gov't agency? Does your IT dept use SolarWinds systems?