Email addresses of users of Adobe Creative Cloud have been part of a data breach, the company has said. While the company closed down the access point, data including email addresses were potentially breached.
The breach affected almost 7.5 million customers, and was discovered by a company called Comparitech, which then made Adobe aware of the issue in mid-October. While Adobe reportedly tightened the security around the database in question immediately, it did not disclose the breach until October 25, in a posting on its site.
"The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information," said Adobe. "This issue was not connected to, nor did it affect, the operation of any Adobe core products or services."
- Data Breach Tracker: who lost control of your data this week
- Moleskine's new notebook lets you draw right into Adobe Illustrator
- Rocketbook vs Moleskine Adobe Creative Cloud Connected Paper Tablet
Programs that are part of Adobe Creative Cloud include IllustratorAdobe
Data breaches are a nearly weekly, if not daily, occurrence where consumer information, from email addresses to passwords, medical records to home addresses, are left on databases, online, that are not secure. While the general public may not know how to see these details, hackers do, and will sell the data to others or just leave the data to be found.
Adobe suffered an even larger data breach in 2013, which hit at least 38 million users and involved credit card details and login information. In this case, Adobe noted that financial details and passwords were not part of the hack, Comparitech found that payment and subscription status, member IDs, the country where they lived, when they opened their account and which products they used, among other details, were part of the hack.
Bitdefender BOX 2 (Latest Version) - Complete Home Network Protection for Your WiFi, Computers, Mobile/Smart Devices and More, Including Alexa and Google Assistant Integration - Plugs Into Your Router
What's key is for customers to know that their accounts have been breached in some way. While credit card data, in this case, was not made vulnerable, knowing someone's email — and that they're a customer of Adobe — is a nice way to gain access to their password and credit card information through a method called phishing.
Phishing is where someone impersonates another person via email. An email looks as if it's sent from a trusted source — a friend, a colleague, a family member or a company where you do business. In that email, familiar or casual language is used to ask someone to open a file, a document or even to falsely alarm them that they need to verify their account details and share their password.
With an email address, hackers can run phishing campaigns on users to gain access to their account Getty Images/iStockphoto
Once that document or file is opened, it can install — without a receiver ever realizing — malware. That software can force emails out from an email account, without the owner realizing, and then the process is started all over again. Or the password can be used to access an account, and steal more details.
Anyone who is an Adobe Creative Cloud customer can reach out to the company via a specific site. Adobe is also looking through its "development processes to help prevent a similar issue occurring in the future," it said.
GearBrain TV: How to Secure your Smart Devices www.youtube.com