Adobe is warning its analytics customers that an ingestion bug displayed the data of some organizations in the analytics examples of others for about a day.
Adobe, while disclosing the issue on its status page, said that it began at 12:20 UTC on September 17, 2025, when a performance adaptation change introduced a bug in analytics edge data collection.
The status page stated that Fall appeared in the analysis of the analysis of the “incorrect honor” and Adobe Engineering teams are working to clean the affected dataset.
“On September 17, 2025, at 12:20 UTC, a service disruption affected Adobe analytics customers globally, including the application dependent on Adobe Analytics data,” reads the status entry of Adobe for an analytics issue.
“Interruption Adobe Analytics data collection recently occurred due to the bug introduced during the performance adaptation change, which showed incorrect respects in the analysis scope reports.”
Bug affected several analytics services including data collection, media processing, customer characteristics and reporting applications.
Adobe again changed the change on UTC at 11:00 on September 18 and said the incident did not occur due to malicious activity or cyber security incident.
While the position of Adobe only says “incorrect data”, a private customer advisor shared with a private customer advisor states that the fields in some data were refused with values from the data stream of other customers.
The company says it affects about 3-5% of the data collected, in which corrupt rows are found within data feed, live stream, scheduled reports and other integration.
Swallowing data of multiple products from Adobe Analytics, they also affected, including customer travel analytics, real-time CDP and Adobe Journey Optimizer.
Advisory instructs customers to immediately remove all affected data from their system, backup and downstream environment, as it may contain information arising from other customers.
“All affected Adobe Analytics customers who use data feed or live stream should immediately remove or purify any data obtained between September 17, 12:20 UTC, and 18 September, 2025, 11:00 UTC, as it may contain information about specific sector from other adobe customers,” reads the advice given by Bleepingcomputer.
“Please also remove all potentially affected data from your system, backup and any downstream environment, where it can be stored or processed.”
“This action may have been required to help inserting further retention or use of data that may have been inadvertently exposed. The only other side that could be potentially seen the data is an adobe contracted customer.”
While Adobe states that it is against its policies to collect personal data through its analytics platform, bleepingcomputer has learned that customers do not always follow these policies.
“, This means that the company shows the information of A web tracking company B. It includes anything that was tracked to the company B, including sensitive data such as email address, session hash, on-site search data, etc.,” an analytics advisor told BlappingCopper.
Another customer stated that the implications were far -reaching, viewing the adobe analytics data leaks as an important issue with possible risks under VPPA, CPPA and GDPR.
He also warned that because the ingestion bug wrote the data of other customers directly into the Downstream Business Intelligence System, it was embedded in backup, exports and other systems that use platforms.
Bleepingcomputer contacted Adobe for clarification, but the company only sent us back to its public status page and did not answer further questions.
Adobe says that it continues to clean the data and inform customers that the platform can be used for valid reporting once again.
attend Violation and attack simulation summit And experience Future of security verificationListen to top experts and see how AI-managed base Breach is changing and attacking simulation.
Do not remember the event that will shape the future of your safety strategy
