Time to check who left their database open and leaked 7.5m customer records: Hi there, Adobe Creative Cloud!

No passwords or banking details, but enough info to convincingly phish someone


Adobe has pulled offline a public-facing, poorly secured Elasticsearch database containing information on 7.5 million Creative Cloud customers.

The cloud-based silo was uncovered by infosec detective Bob Diachenko, who reported it to Adobe last week.

The exposed records include email addresses, account creation dates, details of products purchased, Creative Cloud subscription statuses, member IDs, countries of origin, subscription payment statuses, whether the user is an Adobe employee, and other bits of metadata.

For those out of the loop, Creative Cloud is the online successor to Adobe's software suite of things like Photoshop, Illustrator, and Premiere. Users pay a monthly fee to access the various apps rather than buy them on CD.

The database contains pretty bog-standard information about subscribers, and there were no payment card details or passwords included, so if you were one of the 7.5 million exposed you're probably not in any danger of fraud or the theft of Creative Cloud subscriber accounts.

However, as Comparitech editor Paul Bischoff, who worked with Diachenko to report the wayward database to Adobe, noted today, these sorts of small details could be very useful for social engineering. They may not let a thief steal your account directly, but they could be the first step toward a compromise via phishing emails.

"The information exposed in this leak could be used against Adobe Creative Cloud users in targeted phishing emails and scams," Bischoff explained.

"Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords, for example."


As the database has since been taken offline, there is no risk of further exposure. Diachenko reckons the database was online for around a week, and there's no indication if anyone else was able to view it.

"We are reviewing our development processes to help prevent a similar issue occurring in the future," Adobe said of the exposure.

The media software giant has plenty of company in leaving a cloud database exposed.

With the advent of Shodan and other tools capable of automatically crawling large blocks of IP addresses, it has become clear that there are millions of databases on AWS and other cloud platforms that are set to allow public access.

While most of those databases and cloud instances don't contain sensitive data, many are packed with files and information that the creators never intended to make public. Massive exposures have occurred at Veeam, the Mexican government and the RNC, all thanks to misconfigured machines.

Admins and developers are advised to always make sure their machines are configured to only allow access to those who need it. ®
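
As an added illustration of that advice (not code from this article or from Adobe), the Python sketch below audits an `elasticsearch.yml` for the settings that decide whether a node's HTTP API is reachable beyond the local machine and whether authentication and TLS are switched on. The article does not say how the exposed instance was configured; the sample configs are constructed, and the function names and finding labels are hypothetical.

```python
import ipaddress

def flatten_yaml(text):
    """Flatten simple 'key: value' YAML (nested maps, no lists) into dotted keys."""
    settings, stack = {}, []  # stack holds (indent, key) for each open parent map
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()          # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#") or ":" not in line:
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:     # close maps we have left
            stack.pop()
        value = value.strip().strip("\"'")
        if value:
            settings[".".join([k for _, k in stack] + [key.strip()])] = value
        else:
            stack.append((indent, key.strip()))
    return settings

def loopback_only(host):
    """True if every address in a network.host / http.host value is loopback."""
    for h in host.strip("[]").split(","):
        h = h.strip().strip("\"'")
        if h in ("_local_", "localhost"):
            continue
        try:
            if ipaddress.ip_address(h).is_loopback:
                continue
        except ValueError:
            pass  # hostname or special value such as _site_ / _global_
        return False
    return True

def audit(text):
    """Return hypothetical finding labels for one elasticsearch.yml."""
    s = flatten_yaml(text)
    findings = []
    # http.host overrides network.host for the REST API; unset means loopback.
    host = s.get("http.host") or s.get("network.host") or "_local_"
    if not loopback_only(host):
        findings.append("non-loopback-bind")
        if s.get("xpack.security.enabled", "unset").lower() != "true":
            findings.append("auth-not-explicitly-enabled")
        if s.get("xpack.security.http.ssl.enabled", "unset").lower() != "true":
            findings.append("http-tls-not-enabled")
    return findings

# Constructed sample configs, not taken from any real deployment.
WEAK = "network.host: 0.0.0.0  # listen everywhere\nxpack.security.enabled: false\n"
HARDENED = ("network.host: _local_\nxpack:\n  security:\n"
            "    enabled: true\n    http.ssl.enabled: true\n")
```

A clean result here only covers the node's own config file; firewall rules and cloud security groups still decide who can reach the port.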

