Software giant Adobe says hackers have hit its network, stealing the personal information, including encrypted payment card details, of 2.9 million customers.
Adobe's security team "very recently" discovered the attacks, which saw the crooks make off with customer names, encrypted credit and debit card numbers, expiration dates, and more.
However, the firm says that it does "not believe" that decrypted card details were removed from its systems.
The process of clearing up the mess is now underway, carried out by internal and external teams as well as law enforcement. All customers who have had their card details compromised are being written to and offered a year's worth of credit monitoring. Banks have also been notified.
The crooks not only stole customer data, says Adobe chief security officer Brad Arkin, they also took source code for numerous products, including Acrobat, ColdFusion, ColdFusion Builder.