The message looked authentic but seemed suspect to me, why was the only option to change my password and why was this necessary but on checking the links names I followed the instructions, and waited ...and waited …and waited for the promised email. After 20 minutes I gave up and did other things. About half an hour later the email had arrived and I followed a new clink on link which only gave me the option of typing in a new password and a duplicate. Now this made me really suspicious! Being sent a false login page to capture your password is a very common phishing scam. However on investigation I again felt that the link address I could see and the mysterious email address cs-auto from adobe were possible legit. So I did some what cautiously change my password. Ok no drama after that, other than I missed my self imposed deadline. I also suggest if you in the same position, consider changing your password a second time, like I did, but this time accessing adobe.com and my adobe directly, not by a link from an email!
Now I see what was going on, Adobe has had a massive hacker attack, and only today can I find information from them about their "Customer Security Alert". If Adobe knew about this on the 17th September why didn't they notify their subscribers back then?
More importantly why did adobe choose to run something to force everyone involved to change their passwords,
- Without telling them why ?
- Doing it such a scammish fashion?