Important Magento Marketplace Security Notice

Dear Magento Marketplace Account Holder,

We are writing to let you know about an issue that we recently identified, and quickly fixed, that impacted some of your Magento Marketplace account information. On November 21, 2019, our security team discovered a vulnerability that resulted in an unauthorized third-party accessing account information related to Magento Marketplace account holders.

Upon discovery, we immediately launched an investigation, shut down the service and addressed the issue. No passwords or financial data (including payment card information) were impacted. None of the Magento core products or services were affected by this issue.

The Magento Marketplace account information accessed was the information associated with your Magento Marketplace user account, including name, email, MageID, billing and shipping address information, billing and shipping phone number, and limited commercial information (percentages for payments to developers).

We take these issues seriously and are committed to helping ensure our platforms are secure. We are reviewing our processes to help prevent these types of events from occurring in the future.

We regret that this issue occurred and apologize for any inconvenience this may have caused. As noted above, the issue has been fixed. However, as always, we recommend following security best practices. Please follow this Magento Security Center for more information.

If you have any questions about this issue, please reach out through the Magento Marketplace Help Center.

Thank you,

Magento Marketplace Customer Support