Adobe admitted to exposing data of 7.5 million creative suite users
BUSINESSES thrive on user data. As such, most businesses collect plenty of it and expect to use it to provide better services and experiences to customers — while also boosting their own revenues.
However, in recent times, it seems as though the push towards digital is causing companies to lose their grip on user data, putting their customers as well as their reputation at risk.
Most recently, Adobe, the maker of the world’s most popular creative software suite which includes products such as Lightroom, Photoshop, and Premiere Pro, said that it exposed the data of 7.5 million users.
“Adobe became aware of a vulnerability related to work on one of our prototype environments. We promptly shut down the misconfigured environment, addressing the vulnerability,” the company said in a blogpost.
“The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. This issue was not connected to, nor did it affect, the operation of any Adobe core products or services.”
Although the software giant emphasized that no passwords or financial information were lost, the source that broke the news of the data leak said that member identifications, subscription status, payment status, and whether the user was an Adobe employee were among information that was exposed.
While this isn’t the first time that Adobe was “hacked” — previously, in 2013, the company suffered a data breach involving 38 million users — the reality is that customers and companies both need to learn to be careful in cyberspace.
Despite the leak, the transparency and maturity displayed by Adobe, in this instance, is commendable, especially as many of its peers seem to struggle with disclosing cyberattacks and other data security-related lapses.
For individuals, the precautions are fairly simple. Experts often suggest that individual users, for online transactions, should use debit cards and e-wallets that can be ‘turned off’ when not in use.
Further, it is strongly recommended that users change their passwords frequently on services they use often, and use a password wallet to store strong automatically generated passwords for services they use every once in a while.
However, the real advisory that Adobe’s recent data exposure brings is for businesses who are looking to accelerate their journey to digital. These organizations should remember that whether configuring their cloud environment or creating software to access existing or new data, every care must be taken to look for vulnerabilities and secure them.
At the end of the day, customers trust businesses with their data. If organizations consistently fail to demonstrate that they are capable of protecting it, users and regulators might have no option but to deploy other, more intelligent safety measures.