Adobe left the personal information of almost 7.5 million customers of its Creative Cloud service exposed, according to a new report on The Next Web.
Security firm Comparitech says Adobe left an Elastisearch server accessible without any password or authentication required. Adobe corrected the problem as soon as it was alerted on October 19th. Exposed information included email addresses, Creative Cloud subscription information and other details, though financial information and passwords were not exposed.
Comparitech’s concern is that the information which was exposed may make those Adobe customers more liable to phishing attacks in the future.
Adobe acknowledged the issue in a blog post:
The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. This issue was not connected to, nor did it affect, the operation of any Adobe core products or services.
Do incidents like this make you wary to share your details with companies like Adobe? Sound off in the comments.