Adobe has admitted that some Creative Cloud customer information — 7.5 million records, according to the researchers who stumbled upon the data — was exposed recently due to a misconfiguration.
Researcher Bob Diachenko and Comparitech reported last week that they had identified an unprotected Elasticsearch database — the database was accessible without a password — storing Creative Cloud customer information.
The database contained email addresses and other account information, including account creation date, Adobe products used, subscription status, member ID, country, payment status, and time since last login. However, passwords or payment information were not exposed.
It’s unclear how many users were affected, but Comparitech and Diachenko reported counting 7.5 million records in the exposed database.
“The information exposed in this leak could be used against Adobe Creative Cloud users in targeted phishing emails and scams. Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example,” Comparitech said in a blog post.
The exposed data was discovered on October 19 and Adobe took steps to secure the database on the same day.
Adobe confirmed the incident and said it was related to one of its “prototype environments.”
“The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. This issue was not connected to, nor did it affect, the operation of any Adobe core products or services,” Adobe said.
The company added, “We are reviewing our development processes to help prevent a similar issue occurring in the future.”
This was not the only significant data exposure uncovered recently by Diachenko and Comparitech. In the past few months, they also reported finding 2.8 million records exposed by CenturyLink, 700,000 records exposed by Choice Hotels, 7 million student records exposed by K12.com, 300,000 records exposed by QuickBit, and 5 million records exposed by MedicareSupplement.com.
Comparitech also reported recently that the official campaign website of U.S. President Donald Trump exposed information that may have allowed hackers to intercept emails and send out emails on behalf of the campaign, but representatives of the Trump campaign have downplayed the risk.
Related: JIRA Misconfiguration Leaks Data of Fortune 500 Companies
Related: Adobe Patches ColdFusion Vulnerability Exploited in the Wild
Related: Adobe Patches Two Code Execution Vulnerabilities in Flash Player

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges
- Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations
Latest News
- Consolidate Vendors and Products for Better Security
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
