Adobe Inc. exposed the data of 7.5 million of its creative-software customers, the company said.
In a blog post, Adobe said that late last week, the company became aware of a vulnerability related to work on one of its prototype environments. The company shut down the misconfigured environment, addressing the vulnerability.
According to Adobe, the environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. The issue was not connected to, nor did it affect, the operation of any Adobe core products or services, Adobe added.
“We are reviewing our development processes to help prevent a similar issue occurring in the future, ” Adobe commented.
A researcher also found users’ member identifications, subscription status, payment status and whether the user was an Adobe employee, according to the website Comparitech, which first reported on the security lapse.
Adobe's products include the Photoshop, Illustrator, InDesign, and Premiere applications.
In 2013, attackers had stolen user names and encrypted passwords for 38 million Adobe's customers.