Security researchers have recently discovered that Adobe accidentally exposed and compromised the private data of around 7.5 million accounts, including those of its own employees.
Adobe has always been the go-to choice for anyone needing software for video editing, graphic design, and other similar creative work. However, with a recently-discovered incident, many of its users are now endangered.
The incident in question was discovered by Comparitech, or more precisely — the company’s security researcher Bob Diachenko. Diachenko found that around 7.5 million Adobe Creative Cloud users had their accounts’ details exposed to the public. The entire database filled with sensitive information was accessible to anyone and could be reached via any regular web browser. The data contained information such as users’ email addresses, their account creation dates, the list of Adobe products that they use, payment status, member ID, time of the last login, and even their local timezone.
It was also discovered that Adobe’s own employees had their data revealed. Fortunately, the leak did not reveal financial information (such as credit card numbers), nor passwords. However, the information within still contains sensitive personal details and should be kept hidden for the good of the users.
Adobe left 7.5 million Creative Cloud user records exposed online https://t.co/cDcE8mfOV3
— ZDNet (@ZDNet) October 27, 2019
Bad actors have been known for going to extreme lengths to obtain even a fraction of the information such as this. Now, they have it delivered on a silver platter, which might spark an entire wave of new phishing campaigns.
Upon discovering the database, Diachenko contacted Adobe immediately, which allegedly happened on Oct 19. Adobe was quick to respond, and the data was secured by the end of the day. However, Diachenko believes that the exposure lasted for around a week, which means that anyone who may have found it before he did had more than enough time to copy the entire database.
For now, it remains unclear whether there was any unauthorized access to the data, or when exactly it was made public. However, it is known that this is not the first major data leak that Adobe experienced. Back in 2013, a hacker gained access to an even larger amount of data belonging to 38 million users. As for affected users, they should be careful of any suspicious emails that might arrive in their inboxes in the future, claiming to be sent by Adobe.
Are you an Adobe product user? Do you think that you may have been affected by the leak? Let us know your thoughts in the comments below.
Images courtesy of Shutterstock.