The 14GB of database leaked that contains 77 million (77,159,696 records) of email, IPs, names and bcrypted passwords. Millions of people are the victim of phishing and scamming as both former and current users are getting notices of a data leak.
The data has been shared for free on hacking forums, putting millions of people’s security at risk. Nitro PDF was hacked back in September 2020, so hackers have been exploiting the data set privately for about 5 months. The records in data leaked include the following:
- Full names
- Email addresses
- Company and title
- IP addresses
- System information
- Passwords (bcrypted)
People use the Nitro PDF software to create, sign, edit, and secure PDF files, some eminent corporate clients are in the database- Apple, Citi Bank, Google, Microsoft, and Amazon. The Nitro PDF data was possibly on target by the hackers who were most likely to target data from the massive dataset. When the data was breached it was priced at $80,000 to anyone interested.
Nitro PDF disclosed the security breach incident in October 2020 after a month it happened. Nitro stated that “the security breach didn’t expose financial data and actual documents. Leaked Full names, email addresses, IP addresses, job details created the high-quality act of phishing and scamming.”
Nitro PDF is rolling out a notification to its users- “If you have received a notification from ‘have I been pwned?’ go ahead and reset your passwords and use something strong and unique this time. Ideally, just pick a password manager and generate “ridiculously” secure passwords everywhere.”
“The database was initially leaked by threat actor ShinyHunters who charged a nominal fee for access to a download link, but the database is now available elsewhere online for free. ShinyHunters said they were behind breaches at Homechef, Wattpad, Minted, Tokopedia, Dave, Promo, Chatbooks, Mathway, and many others; the information proved to be true,” noted by Bleeping Computer.
Nito PDF users are advised to unique and strong passwords and use a password manager as it helps in generating unique passwords for different websites.