“Partial Web site source code and configuration data along with a database of PR Newswire customers was found on the same server where Adobe Systems’ source code was located. … The database date appears to be from March 8, 2013 but it is unclear yet if the breach had happened at the same time or at a later date, as the archive was created on April 22, 2013,” Hold Security said in a statement.
Later, the researchers added, “There is evidence, dated February 13, 2013, of a large-scale attack targeting PR Newswire’s multiple networks hitting over 2,000 IP addresses using ColdFusion exploits.”
In a statement given to Krebs on Security’s Brian Krebs, PR Newswire acknowledged the breach and explained, “The database contains approximately 10,000 records; however, there is only a minority of active users on this database. Those users represent an even smaller number of customers, as each customer generally has multiple usernames. PR Newswire decided to implemented a mandatory password reset for all customers with accounts on this database as a precautionary measure.”