The Breach
A threat actor calling himself "Mr. Raccoon" claims to have stolen 13 million Adobe customer support tickets, 15,000 employee records, internal company documents, and the entirety of Adobe's HackerOne bug bounty program submissions. Adobe has not officially confirmed the breach. Mr. Raccoon released screenshots and file directories that point to real failures in access control.
The Attack Path
This was not a zero-day. There was no exotic malware. The attacker did what attackers always do — found the weakest link in the supply chain and walked through it.
Adobe outsources part of its support operation to an Indian Business Process Outsourcing (BPO) firm. Mr. Raccoon sent a phishing email to a worker at that firm. The worker clicked. The attacker compromised the workstation. From there, escalated to a manager's credentials. From there, exported 13 million tickets.
This is the entire 2026 cybersecurity playbook in one paragraph. Phish a third-party vendor. Pivot. Exfiltrate.
What Was in the Tickets
Customer support tickets are not "minor" data. They contain everything users tell support when something breaks: email addresses, full names, sometimes IP addresses, sometimes payment information snippets, sometimes screenshots that include sensitive data the user did not realize was visible.
Multiply that by 13 million and you have a phishing goldmine. Attackers can now send emails that reference real Adobe ticket numbers, real product issues, and real account details — making fake "Adobe Support" emails virtually indistinguishable from the real thing.
Why This Keeps Happening
Enterprises spend hundreds of millions on cybersecurity. They protect their own infrastructure. Then they hand customer data to third-party vendors with a fraction of the security budget. The supply chain is the attack surface, and most companies still don't realize it.
What You Should Do Right Now
If you've ever opened a support ticket with Adobe, assume your data is in this leak.
1. Change your Adobe password and enable two-factor authentication.
2. Watch for phishing emails referencing Adobe products. They will look real.
3. Use a VPN when accessing your accounts on public WiFi — your network traffic is one of the few things attackers cannot harvest from a leaked database.
4. Consider a password manager so the credentials you use for Adobe are not the same ones you use for your bank.
The Bigger Pattern
Adobe is not the first major breach of 2026 and it will not be the last. Signature Healthcare lost 2 terabytes of patient data to ransomware this month. Drift Protocol got hit for $285 million by North Korean hackers. Cisco patched four critical vulnerabilities in Identity Services and Webex.
The threat is not theoretical. It is constant. Personal cybersecurity in 2026 is no longer optional — it is infrastructure.
Tools that actually help: A reputable VPN like NordVPN encrypts your connection so even if your data leaks elsewhere, your real-time browsing remains private. Combine it with a password manager and 2FA on every important account, and you cut your risk by 90%.
