After a major data leak in 2013, the ghosts of the past are back again to haunt Adobe. A security flaw in the company’s software – Adobe Creative Cloud has inadvertently exposed the database of millions of its users.
Data of millions of Adobe Creative Cloud users leaked
Adobe Creative Cloud, also known as Adobe CC, is a subscription-based service. The subscription offers users access to a full range of the company’s popular software like Photoshop, Lightroom, Illustrator, InDesign, and others.
The incident of information breach was reported by Comparitech, partnered with PAUL BISCHOFFTECH, a Journalist, Privacy advocate, and VPN expert. After finding the flaw, Paul notified the company, and on learning this, Adobe immediately secured its database.
The information exposed in this leak could be used against Adobe Creative Cloud users in targeted phishing emails and scams. Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example, said Paul.
It is believed that the data of nearly 7.5 million users lie exposed and includes information like,
- Member ID
- Subscription and payment status
- Date of account creation
- Email addresses
- Local Time zone
- Time of the last login
- If an employee with Adobe or not
Fortunately, sensitive information related to credit card numbers and passwords was not leaked.
What should be noted here is although the information was not sensitive, the scale of breach could have left the affected users susceptible to targeted attacks such as phishing. As such, Adobe Creative Cloud customers should be cautious about any suspicious emails they receive and claims to be from Adobe itself (for the time being).
Meanwhile, how long the database remained exposed before it was discovered is unknown, though the researcher estimates it could have been a week. For more information, visit this blog.