![]() “This issue was not connected to, nor did it affect, the operation of any Adobe core products or services. We promptly shut down the misconfigured environment, addressing the vulnerability,” reads the security update published by Adobe. “Late last week, Adobe became aware of a vulnerability related to work on one of our prototype environments. “Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example.”ĭiachenko discovered the unsecured server on October 19 and reported his findings to Adobe that secured it the same day. “The information exposed in this leak could be used against Adobe Creative Cloud users in targeted phishing emails and scams,” continues the blog post. Targeted attacks could trick victims into revealing their passwords or credit card number. Leaked data could expose the Creative Cloud users to scams and phishing attacks. The data leak did not expose financial data or passwords. The Elasticsearch database could be accessed without a password or any other authentication.”Įxposed information included Creative Cloud users’ email addresses, account creation date, adobe products users subscribed to, subscription, status, payment status, member IDs, country, time since the last login, a flag for users that are Adobe employees. “Comparitech partnered with security researcher Bob Diachenko to uncover the exposed database. “Nearly 7.5 million Adobe Creative Cloud user records were left exposed to anyone with a web browser, including email addresses, account information, and which Adobe products they use.” reads a post published by Comparitech. Data were exposed through and unsecured Elasticsearch database belonging to Creative Cloud subscription service. The unsecured server was discovered by the popular data leak hunter Bob Diachenko along with cybersecurity firm Comparitech. In Creative Cloud, a monthly or annual subscription service is delivered over the Internet, currently it has roughly 15 million subscribers. Adobe Creative Cloud is a set of applications and services from Adobe Systems that gives subscribers access to a collection of software used for graphic design, video editing, web development, photography, along with a set of mobile applications and also some optional cloud services. The security breach took place this month and only impacted Creative Cloud users. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |