Adobe accidentally exposed private details of over 7 million Creative Cloud accounts to the public, putting those members at risk of targeted phishing scams.
The account details were exposed in a database that could be accessed by anyone through a browser without any kind of password or authentication.
The account data include email addresses, account creation date, Adobe products used, subscription status, whether the user is an Adobe employee, member IDs, country, time of last login, and payment status. Things like payment details and account passwords were not exposed by the database.
Adobe on October 19th of the issue, which estimates was present for about a week, and the database was secured the same day. It’s currently unknown whether the database was accessed by third-parties while it was exposed.
The exposed user data wasn’t particularly sensitive, but it could be used to create phishing campaigns that target the Adobe users whose emails were leaked,” Comparitech notes. “Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example.”
Adobe suffered another major data breach back in 2013 that did expose credit card and login information for an unknown number of users in a data breach that affected at least 38 million users and possibly up to 150 million.
If you’re a subscriber to Adobe Creative Cloud, keep your eyes peeled for emails purporting to be from Adobe, and double-check that they are indeed from the company before responding or acting in any way.
For more updates, follow our today’s tech news listing.