Digital security firm LastPass on Thursday announced that it had discovered passwords, email addresses and other data linked to Adobe Systems (ADBE) customer accounts on websites used by hackers.
LastPass says was able to identify user data from a staggering 152 million Adobe accounts. That would contradict Adobe’s claim — made last week — that only 38 million user accounts were breached by cyber criminals, Reuters reports.
LastPass also says on its blog that “significantly more data was stolen than first thought, including emails, encrypted passwords, password hints, names, credit card numbers, and card expiration dates.”
If LastPass’ numbers are accurate, the Adobe breach would be the largest reported hacker-caused leak of corporate data.
Responding to the new claims, Adobe conceded that the data did come from its user accounts, but noted that the database that had been accessed was a backup system, which contained 25 million invalid email addresses and 18 million invalid passwords.
Adobe told Reuters it has alerted account holders affected by the hacking attack and is moving to increase its digital security.
An earlier attack compromised data on 2.9 million Adobe users, collecting customer names and encrypted credit card data.
ADBE shares appeared unaffected by the news, up 1% in early Friday trading.