« Tile trackers now support Google Assistant | Main | Canadian Reviewer Weekly Roundup – 10/20 – 10/26 »
Sunday
Oct272019

Adobe Creative Cloud exposed database left 7.5 million accounts vulnerable 

One of the most important things you need to internalize about this latest issue is that you need to be wary of emails that look official and are asking you to log in to your Adobe Creative Cloud account. In case you missed the news, 7.5 million Adobe Creative Cloud accounts were exposed on the web. Comparitechtogether with security research Bob Diachenko, found an Elastisearch database that had email addresses and other Creative Cloud account information, and that these were accessible without a need for a password or other authentication.  

The database was said to be accessible for around a week, but it isn't clear if anyone accessed it. When Comparitech and Diachenko reported the exposed database to Adobe on October 19th, the company secured it the same day. Thankfully, sensitive data—like passwords and payment information—weren't disclosed. And according to Adobe, it doesn't affect the operation of any Adobe core products or services. 

Here's a list of what was included in the database: 

  • Email addresses  

  • Account creation date  

  • Which Adobe products that account owns  

  • Subscription status  

  • Whether the user is an Adobe employee  

  • Member IDs  

  • Country  

  • Time since last login  

  • Payment status 

The danger here, as we mentioned earlier, is that this can expose the users to targeted phishing scams. Fraudsters can trick users into giving sensitive information. So, if you get an email asking you to log in to the service with a provided link, do not click on the link. Open a new tab and sign in to Adobe from the company's website. 

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>