Magento warned users to change their passwords immediately after a data breach incident that exposed users’ account information.
Magento, which is owned by Adobe, disclosed a data breach incident. As a result, users’ account information is exposed to an unknown group of hackers. If you have a Magento account to buy or sell extensions, plugins, or website theme, change your password immediately to stay safe.
Undisclosed vulnerability
According to the announcement made by the company, the hacker gained unauthorized third-party access to the user database by exploiting a vulnerability. The company didn’t share any information about the vulnerability. Account information, such as names, email addresses, MageID, billing and shipping addresses, and commercial information of both customers and developers are stolen by the hackers.
Adobe also claims that the breach was discovered on November 21, but it is still unclear when the Magento was compromised. The company also didn’t reveal the number of users that are affected by this incident. Adobe started notifying the customers about the incident and Jason Woosley, VP of Commerce Product and Platform at Adobe said:
“On November 21, we became aware of a vulnerability related to Magento Marketplace. We temporarily took down the Magento Marketplace in order to address the issue. The Marketplace is back online. This issue did not affect the operation of any Magento core products or services.”