Adobe disclosed Magento data leak that affected user information

Adobe discovered the data leak at the end of November

Magento had suffered a data breach that affected user account data

According to Adobe, Magento Marketplace suffered from a major data breach that affected user account information.^[1] The company has notified all users officially about the leakage that was discovered on November 21, 2019:

We are writing to let you known about an issue that we recently identified, and quickly fixed, that impacted some of your Magento Marketplace account information. On November 21, 2019, our security team discovered a vulnerability that resulted in an unauthorized third-party accessing account information related to Magento Marketplace account holders.

Continuously, Adobe claims that they have processed an investigation immediately after discovering the data breach incident and have been looking forward to preventing similar leaks in the future by applying more advanced security to their services. Also, the company sincerely apologizes for what had happened and states that all affected people have been contacted and informed directly.

Magento Marketplace is an open-source e-commerce platform that is created for downloading, buying, and offering various add-ons, themes, and plug-ins for Internet shops that are being run by Magento company.^[2]

No credentials or passwords were accessed

Because of Magento vulnerability, an unauthorized party received permission to remotely access user information such as names, surnames, username IDs, contact data such as mobile phone numbers, email account addresses, residence addresses, commercial information, and so on.^[3] Gladly, Adobe has reported that other sensitive data such as account security passwords and credentials remain safe.

The affected people are not only users who tended to buy services and products, but also the original developers of these programs/services that were using Magento's accounts. Fortunately, Adobe managed to react very quickly and disabled Magento for some time before things went back to normal. For users, the website is now operating as before and can be used safely again.^[4] The company claims that the breach did not do any damage to their inner systems, nor it affected their provided services or products.

Data breaches happen very often and are reported on news sources daily

Magento data breach is only a small fish in the ocean as data leaks happen daily. Some companies do not pay enough attention to security, others unknowingly include vulnerabilities in their servers, and then get hacked by bad actors.

Recently, the data breach hit a famous Chinese smartphone manufacturer OnePlus^[5] and affected online users who have been using the company's shopping services were affected by this incident. It happened because the firm did not manage to protect its platform properly and important customer data got vulnerable to exposure.

So, as you can see, reports about breach incidents flood the Internet sphere frequently. If you are just a regular computer user and have been wondering if you can increase your online security, the answer is yes. You can always create strong and reliable passwords, add two-factor authentication to your accounts, and avoid registering to unknown services.