The impacted users incorporate both the regular ones who purchased themes and plugins as well as the theme developers who were utilizing the portal to sell their code and make money.
In an email sent to users, the company said it was the vulnerability in the Magento Marketplace website that permitted "an unauthorized third-party" to access the account data for the registered users. The vulnerability enabled access to user information, like name, email, store username (MageID), billing and shopping addresses, phone number, and limited commercial information like percentages for payments Adobe made to theme/plugin developers.
However, fortunately, any account's passwords or financial information were not exposed, according to Adobe.
The store is currently back online.
The Adobe VP although didn't share the exact number of affected accounts. A Magento representative when approached didn't comment past the company's official blog post.
Nonetheless Adobe executive said the hack didn't bring about any outages or disturbances to the company's core Magento products and services, and, at the hour of writing, there is no reason to accept that the hacker compromised Magento's core backend or plugins and themes facilitated on the 'marketplace'.