The U.S. multinational computer software company Adobe has suffered a serious security breach earlier this month that exposed user records’ database belonging to the company’s popular Creative Cloud service.
With an estimated 15 million subscribers, Adobe Creative Cloud or Adobe CC is a subscription service that gives users access to the company’s full suite of popular creative software for desktop and mobile, including Photoshop, Illustrator, Premiere Pro, InDesign, Lightroom, and many more.
What happened? — Earlier this month, security researcher Bob Diachenko collaborated with the cybersecurity firm Comparitech to uncover an unsecured Elasticsearch database belonging to Adobe Creative Cloud subscription service that was accessible to anyone without any password or authentication.
How many victims? — The inadvertently exposed database, which has now been secured, contained personal information of nearly 7.5 million Adobe Creative Cloud user accounts.
What type of information was exposed? — The exposed information included Creative Cloud users’:
- Email addresses
- Account creation date
- The Adobe products they subscribed to
- Subscription status
- Payment status