Data from nearly 7.5 million Adobe Creative Cloud users exposed to the Internet from a password-free Elasticsearch database accesss.
The information leaked included mainly details of customer accounts for the Adobe Creative Cloud service, but without passwords or stored payment information.
The data των χρηστών που εκτέθηκαν συμπεριελάμβαναν διευθύνσεις ηλεκτρονικού ταχυδρομείου, αναγνωριστικά μελών (ονόματα χρήστη) της Adobe, χώρα προέλευσης και τα προϊόντα της Adobe που χρησιμοποιούσαν. Συμπεριελάμβαναν επίσης την ημερομηνία δημιουργίας λογαριασμού, την τελευταία ημερομηνία σύνδεσης, αν ο λογαριασμός ανήκε σε κάποιον υπάλληλο της Adobe και την κατάσταση της συνδρομής (ενεργή ή όχι).
The data report was discovered last week (Saturday 19 October) by Security Researcher Bob Diachenko of Security Discovery and Paul Bischoff, a technology journalist at CompariTech.
The researchers reported their findings to Adobe and the company secured the database the same day.
Diachenko and Bischoff hailed Adobe for its quick response and admitted that the data leak was not as serious as other leaks previously published, as it did not contain passwords, payment details or the real names of the company's customers.
However, it is not clear if anyone else has also managed to access this database and downloaded its contents. The data could be used to spam users whose email addresses were exposed.
Συγκεκριμένα, οι hackers θα μπορούσαν να στοχεύσουν στους ιδιοκτήτες ενεργών λογαριασμών Adobe Premium με μηνύματα ηλεκτρονικού “ψαρέματος” (phishing) για να αποκτήσουν τους λογαριασμούς του Adobe Creative Cloud που όπως ίσως γνωρίζετε κοστίζουν αρκετά. Τους λογαριασμούς αυτούς θα μπορούσαν αργότερα να τους πουλήσουν online, σε εξειδικευμένες αγορές του Dark Web.
For its part, Adobe admitted exhibiting the information with a post on her blog on Friday, October 25.
It should be noted that this leak is not at all serious compared to Adobe's massive leak in 2013, where hackers acquired almost all the data from 38 millions of Adobe users. At that time, Adobe's breach was one of the biggest hacks that ever happened.
