American Computer Software provider Adobe witnessed an embarrassing Halloween weekend yesterday when a security researcher named Bob Diachenko, in association with Cybersecurity firm Comparitech discovered a vulnerability in its database which exposed information of more than 7.5 million users of the company’s popular Creative Cloud Subscription Service.
As the information was accessible to anyone as the access remained unprotected with a password, there is speculation that hackers could have accessed the information database.
However, the researcher has confirmed that the users’ passwords and payment information such as credit card detailed weren’t exposed by the vulnerability as they could have been stored on another server.
The exposed 7.5 million Adobe Creative Cloud Users information includes email addresses, account creation date, the adobe products being used by the users, subscription status, whether the user in any way connected to adobe, Member IDs, country, time since their last login and payment success status.
Although the accessible information wasn’t critical, security researchers from Comparitech argue that such personal details could expose the victims to phishing attacks shortly- which is true!
As per the details available to our Cybersecurity Insiders, on October 19th this year, the researcher alerted the California based software giant about the vulnerability. And Adobe took note of the situation and immediately secured the access to the database with various means. But as the database exposure could be prolonging for one week, chances of the information getting exposed to nefarious actors are super- high.
Note 1- In the year 2013, Adobe Company faced a data breach when hackers succeeded in accessing information including payment card details of nearly 38 million Adobe users- termed as the largest breach in the history of the cloud-based software provider.
Note 2- Adobe Creative Cloud happens to be a central repository where subscribers have access to a range of software useful to edit videos, graphical content related designs, web development, and photography. Earlier, the Creative Cloud was hosted on Amazon Web Services (AWS), but now it is being hosted on Microsoft Azure since 2017.