Adobe discloses a security breach that affected the users of the Magento marketplace website, the incident was discovered last week.
Adobe disclosed a security breach that affected the users of the Magento Marketplace portal, the security team discovered the incident on November 21. The Magento Marketplace is a website for buying and downloading themes and plugins for e-stores running the Magento CMS.
Magento is the most popular content management solution (CMS) for building e-commerce website, Adobe acquired the company for $1.68 billion in 2018.
According to the data breach notification sent via email by Adobe to its customers, the hackers exploited a vulnerability in the Marketplace website to access account information for registered users. The company did not disclose the number of impacted accounts.
Hackers accessed data of registered users and developers that registered on the portal to sell their plugins and themes.
Exposed data include name, email, store username (MageID), billing and shopping addresses, phone number, and some commercial information, while financial data and passwords were not compromised. In response to the incident, the company temporarily took down the Marketplace in order to fix the vulnerability exploited by hackers.
“On November 21, we became aware of a vulnerability related to Magento Marketplace. We temporarily took down the Marketplace in order to address the issue. The Marketplace is back online. This issue did not affect the operation of any Magento core products or services.” reads the security update published by Magento.
“We have notified impacted account holders directly. “
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.