U.K.-based tech firm Comparitech and security researcher Bob Diachenkodiscovered the exposed data, which they said could be viewed without a password or any other kind of authentication.

The researchers alerted Adobe on October 19, prompting the software company to secure the database on the same day.

Exposed data

The exposed data involved 7.5 million accounts and included email addresses, member IDs, country locations, account creation dates, Adobe products used, time since last login, payment status, and whether the user is an Adobe employee, among other details.

Payment information and passwords were not exposed.

“Fraudsters could pose as Adobe or a related company and trick users into giving up further info, such as passwords,” Comparitech said in a post about the incident.

There’s so far no evidence that the data was accessed by third parties during the time it was exposed online.

California-based Adobe acknowledged the incident ina messageon its website.

“At Adobe, we believe transparency with our customers is important. As such, we wanted to share a security update,” the company said.

“Late last week, Adobe became aware of a vulnerability related to work on one of our prototype environments. We promptly shut down the misconfigured environment, addressing the vulnerability.”

It continued: “The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. This issue was not connected to, nor did it affect, the operation of any Adobe core products or services. We are reviewing our development processes to help prevent a similar issue occurring in the future.”

It’s not the first time Adobe has run into trouble with how it handles user data. In 2013, the company suffereda far more serious incidentwhen hackers stole information belonging to around 38 million users. In that case, the hackers managed to get their hands on encrypted customer data that included payment card details, names, usernames, and email addresses.