Wednesday, April 30, 2025
HomeAdobeAdobe Hacked - Hackers Exploit The Bug in Magento Marketplace &...

Adobe Hacked – Hackers Exploit The Bug in Magento Marketplace & Gained Access To The Users Data

Published on

SIEM as a Service

Follow Us on Google News

Adobe discloses the security breach on its Magento Marketplace portal, in results, attackers gained access to the registered customer’s sensitive account information.

Adobe owned Magento is an open-source e-commerce and CMS platform written in PHP, and it was acquired for $1.68 billion in 2018. It is one of the most popular open e-commerce systems in the network.

Attackers taking advantage of the vulnerability that resides in the Magento portal to exploit the network and gain access to the Magento Marketplace account holder data.

- Advertisement - Google News

Adobe security experts learned this incident on November 21, soon after they temporarily took down the Magento Marketplace in order to address the issue.

The vulnerability allowed attackers to access some of the sensitive information including Name, Email, MageID, Billing & shipping address and Phone number and other commercial pieces of information.

Adobe also confirmed that there is no financial data (such as credit/debit card) involved in the data breach, and no passwords were compromised.

Adobe sends a security incident noticed to all the customers and said that this issue did not affect the operation of any Magento core products or services.

Adobe data breach notice

According to Jason Woosley, Vice President of Commerce Product & Platform said via blog post “We have notified impacted Magento Marketplace account holders directly,”

“We take these issues seriously and are committed to helping ensure our platforms are secure. We are reviewing our processes to help prevent these types of events from occurring in the future”.

Adobe also confirms that the breach did not affect the operation of any Magento core products or services.

Adobe didn’t disclose any details about the vulnerability and the method used by attackers to exploit the Magento marketplace portal.

Recent Security Incidents

OnePlus Hacked – Customers’ Personal Information Accessed by Hackers

T-Mobile Hacked – Hackers Gained Access to Prepaid Customers Data

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Researchers Reveal Threat Actor TTP Patterns and DNS Abuse in Investment Scams

Cybersecurity researchers have uncovered the intricate tactics, techniques, and procedures (TTPs) employed by threat...

How CISOs Can Strengthen Supply Chain Security in 2025

The responsibilities of Chief Information Security Officers (CISOs) are rapidly evolving as digital transformation...

The CISO’s Guide to Effective Cloud Security Strategies

As organizations accelerate cloud adoption, CISOs face unprecedented challenges securing dynamic, multi-cloud environments. The...

Mitigating Insider Threats – A CISO’s Practical Approach

Insider threats represent one of the most challenging cybersecurity risks facing organizations today, with...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

SonicWALL Connect Tunnel Vulnerability Could Allow Attackers to Trigger DoS Attacks

A newly disclosed vulnerability in SonicWall’s Connect Tunnel Windows Client could allow malicious actors...

Firefox 138 Launches with Patches for Several High-Severity Flaws

Mozilla has officially released Firefox 138, marking a significant update focused on user security....

Zimbra Collaboration GraphQL Flaw Lets Hackers Steal User Information

 A severe Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration Suite (ZCS) versions 9.0...