Software company Adobe revealed a security breach on the Magento Marketplace, an open-source ecommerce platform, which exposed the information of registered users.
According to the company, it detected the vulnerability on November 21 and immediately took down the Magento Marketplace to fix the issue.
“At Magento, we believe transparency with our global community of merchants, partners, and developers is important. Accordingly, we want to share a security update. On November 21, we became aware of a vulnerability related to Magento Marketplace. We temporarily took down the Magento Marketplace in order to address the issue. The Marketplace is back online. This issue did not affect the operation of any Magento core products or services.”
Jason Woosley, VP Commerce Product & Platform, Adobe’s Experience Business
What Has Been Compromised?
Magento sent out an email to its customers whose account information was affected by the breach.
The email stated that their name, email, MageID, billing and shipping address information, as well as billing and shipping phone number were accessed by a third-party.
Limited commercial information, such as the percentage of payments Adobe has made to Magento developers, was also compromised.
Fortunately, no passwords or financial data, including payment card information, were exposed.
Magento said it takes these issues seriously and is committed to helping ensure its platforms are secure.
Furthermore, it is reviewing its processes to prevent these types of events from occurring in the future.
Magento users are advised to refer to the Magento Security Center to help ensure the security of their Magento store.
What can you say about Adobe’s revelation of a security breach on the Magento Marketplace?
Please use the comments section below or head over to our Facebook Group for Small Business Sellers and interact with other small business owners.