Adobe Creative Cloud Database Vulnerability Leaves 7.5 Million Customer Emails Exposed

The News: Adobe Creative Cloud database vulnerability leaves 7.5 million customer emails explosed. Data hunter Bob Diachenko and security pros at Comparitec discovered an Elasticsearch database full of customer data exposed on the internet. The unsecured database contained the email addresses of nearly 7.5 billion customers of Adobe’s Creative Cloud. Read more at Naked Security.

Adobe Creative Cloud Database Vulnerability Leaves 7.5 Million Customer Emails Exposed

Analyst Take: Another day, another company deals with a security issue. Today, that company is Adobe and about half of its Adobe Creative Cloud customer base that has to worry that their email addresses are floating about out there.

I’ll start with the good news: This unsecured database was discovered by Diachenko and Comparitec on October 19th and is thought to have been exposed for about a week. As soon as Adobe learned of the issue, it admitted the error and shut it down. The other good news is that this vulnerability did not expose passwords or payment information.

The bad news is that people are incredibly prone to phishing attacks, and these 7.5 million people are no exception. Hackers could easily use these email addresses claiming they are Adobe and asking for credential information. They could also sell the email addresses to others on the dark web who make a mighty fine living in the business of phishing.

The other bad news is that while password or payment information wasn’t accessible, other information was, including the user’s country, the Adobe products used, the account creation date and time since last login, and whether the user is an Adobe employee. Individually, maybe not a big deal, but the more information hackers have, the more easily they can exploit users. Make no mistake, it is incredibly easy to get tripped up by a well-executed phishing scheme, and that’s the danger posed here.

It doesn’t appear that Adobe users need to worry about all of their accounts, this vulnerability only affected the Adobe Creative Cloud users. If that’s you, stop what you’re doing and go set up two factor authentication. Go to Settings, select Two-step verification, make your selection from there.

I’ll close with a note to anyone at any company responsible for data in any way — data security is not something to be taken lightly, whether it’s the security of your customers, or the security of your employees. The bad guys are out there, all day, every day, trying to find a way in — that’s a reality. But we can’t make it easy for them. There’s no excuse for sloppiness when it comes to securing databases. Ever.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice.

Related content:

Capital One Breach — A Terrible, Horrible, No Good, Very Bad Day 

Most Important Part in Mitigating a Data Breach 

Faulty Database Brings Salesforce [and Users] to their Knees

Image Credit: DIYPhotography.net

Shelly Kramer

Shelly Kramer is a principal analyst at Futurum Research and one of the founding partners. A serial entrepreneur with a technology centric focus, she has worked with some of the world’s largest brands to lead them into the digital space, embrace disruption and the reality of the connected customer, and help navigate the process of Digital Transformation.

As a brand strategist, she has decades of experience helping global companies with marketing challenges, driving strategy and digital transformation for B2B brands across multiple verticals, with a strong track record in software technologies and all things technology-related.

She covers transformative trends in B2B marketing and sales, digital transformation, customer experience, and marketing technology, as well as topics and trends related to the Future of Work, the transformation of the workplace and how people and technology are driving that transformation. Shelly offers valuable insights for enterprises of all sizes.
Shelly Kramer