Incidents

Magento Marketplace was hacked; the most insecure platform

Data protection experts reported an intrusion that has impacted Adobe Magento Marketplace users, employed to purchase, sell, and download themes and plugins for Magento-based online stores.

Through an email, the company notified its
customers, noting that hackers took advantage of a known vulnerability in the
Magento Marketplace website to access compromised systems, resulting in
unauthorized access to registered users’ accounts.

In the report, data protection experts mention
that both registered users on the site and developers of plugins and themes
that use this platform to offer their creations and earn some money were
affected.

Adobe has not mentioned any more technical details of the attack, such as the type of vulnerability exploited by threat actors, as it has only merely claimed that the intrusion was detected a week ago. What is known is that the flaw allowed hackers to access multiple details such as:

  • Full
    names
  • Platform
    username (MageID)
  • Email
    address
  • Phone
    number

The company notes that users’ financial data
and passwords were not compromised during this incident, and potentially
affected users have already been notified.

The message sent to users, signed by Jason
Woosley, Adobe’s Vice President of Business, does not mention the total number
of accounts affected. “Magento Marketplace was taken offline as soon as we
detected the intrusion, so we hope we’ve cut off the scope of the
incident,” Woosley concludes.

Regarding Adobe’s core products and platforms,
it is mentioned that the incident had no impact on these resources, and there
is no indication to suggest that threat actors managed to compromise Magento’s
central backend or plugins and hosted issues at the time of the intrusion.

It should be remembered that Magento is a
content management system for creating online stores; it is a cloud-based service
variant, although it can also be hosted by itself. According to the data
protection experts of the International Institute of Cyber Security (IICS),
after Shopify,
Magento is the most popular e-commerce platform today.

To Top

Pin It on Pinterest

Share This