Adobe Creative Cloud is a subscription service that gives game publishers and designers access to programs like Acrobat DC, InDesign, Photoshop and Illustrator. It’s not just used by RPG studios but by creators around the world.
An unsecured server used by Adobe has exposed 7.5 million customer records.
Hacker News has a write up of how security researcher Bob Diachenko and cybersecurity firm Comparitech found an unsecured Elasticsearch database which contained account details.
Bank data was not included in the database, but email addresses, account creation date, the list of Adobe subscriptions, payment and subscription status, member ID, country and when the user last logged in were in the database.
Adobe acknowledged the problem in a blog post on Friday.
Late last week, Adobe became aware of a vulnerability related to work on one of our prototype environments. We promptly shut down the misconfigured environment, addressing the vulnerability,”
This issue was not connected to, nor did it affect, the operation of any Adobe core products or services. We are reviewing our development processes to help prevent a similar issue occurring in the future.”
What’s the security risk?
At this point, it is not known whether anyone else found the unsecured database.
Experts say that the most likely risk will be from targeted phishing emails. Fraudsters could use this data to make fake emails seem more realistic.
Are you the first reader to have something to say about this post? Check out the comments below.