Adobe Announces Hacking of Magento Marketplace

Adobe, which owns Magento since 2018, recently reported about hacking into the Magento Marketplace, where it is possible to purchase plugins and themes for online stores powered by Magento.

Representatives of the company write that due to an unnamed vulnerability on the trading platform, unauthorized persons were able to access the data of user, which registered on the site to buy themes and plugins, as well as to access data about the developers of these solutions that used the portal to sell their products.

It is not known exactly when the attack occurred, but it is reported that a security breach was noticed last week, November 21, 2019.

“On November 21, we became aware of a vulnerability related to Magento Marketplace. We temporarily took down the Magento Marketplace in order to address the issue. The Marketplace is back online. This issue did not affect the operation of any Magento core products or services”, — report Adobe employees.

By exploiting the vulnerability, attackers were able to gain access to user names, their email addresses, MageID, billing and shopping addresses, phone numbers, as well as limited commercial information, for example, about the percentage of payments that Adobe paid to developers. Passwords and billing information were not affected by the attack.

Read also: Children’s smart watch SMA-WATCH-M2 discloses personal data and location information

Jason Woosley
Jason Woosley

Although the company did not disclose the exact number of affected accounts, Adobe representatives assured that they had already notified about the incident all the victims.

“We have notified impacted Magento Marketplace account holders directly”, – said Jason Woosley, Vice President of Commerce Product & Platform, Experience Business, at Adobe.

It is also emphasized that all problems in the Magento Marketplace have now been fixed and the resource can be used without fear. In addition, there is no reason to believe that the attackers were able to compromise the main products and services of Magento. It is reported that the attack did not affect the plugins themselves and the topics posted on the trading floor.


Magento is a content management solution (CMS) for building online stores. It comes as a cloud-based services, but also as a self-hostable solution. It is one of today’s most popular e-commerce platforms, behind Shopify. Adobe acquired Magento for $1.68 billion in May 2018.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Check Also

Blue Mockingbird hackers

Blue Mockingbird hackers cracked thousands of corporate systems

According to Red Canary analysts, recently has been discovered a new hack group, operating under …

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.