Nearly 7.5 Million Adobe Creative Cloud User Records Exposed

Due to an unsecured database, the customer details for almost 7.5 million Adobe Creative Cloud users were left exposed online for an undetermined length of time. While no passwords or financial information was part of the exposure, it did include other login information. For those who connect to Creative Cloud via Shibboleth authentication, exposed information would include first and last name, Brown username, and email address.

If hackers had accessed the exposed database and downloaded its contents, these details could be used to launch phishing attacks. One possibility, according to ZDNet, is that "... hackers could target owners of active Adobe premium accounts with phishing emails to hijack high-value Creative Cloud accounts from owners, which they can later re-sell online, on specialized dark web markets."

We recommend staying vigilant of phishing attempts, especially ones that might have to do with Adobe products. We also recommend that you take this opportunity to activate two-step for your Brown Gmail if you haven't already done so.

Related Reading:
Adobe:  Security Update 10/25/2019
SC:  Adobe leaves Creative Cloud database open, 7.5 million users exposed
DPReview:  Adobe exposed the account information of nearly 7.5M Creative Cloud users
ZDNet:  Adobe left 7.5 million Creative Cloud user records exposed online

General Alert
Security Alert

Written by pfalcon@brown.edu on