Basic customer details of approximately 7.5 million Adobe Creative Cloud users were exposed to the internet in an Elastisearch database that was found to be unprotected. This data was found by security researcher Bob Diachenko of Security Discovery and Paul Bischoff, a tech journalist for Comparitech. The exposed information primarily included information about customer accounts, but no passwords or financial information. The exposed information included email addresses, Adobe member ID’s, country of origin and what Adobe products they were using. Other information also included account creation date, last login, if the account belonged to an Adobe employee and subscription and payment status. Currently, it is unknown if the database was accessed or downloaded by anyone. Attackers could use this information to target owners of active Adobe premium accounts with phishing emails to try to hijack high-value Creative Cloud accounts from owners for potential sale on the dark web. The cloud-based software company blamed the incident on a “prototype environment” that was misconfigured. The researchers notified Adobe of the issue and were very pleased with the response. Adobe secured the exposed data within the same day as the notification. According to Comparitech, no passwords or payment data was exposed.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased