Popular PDF reader has database of 77 miliion users hacked and leaked online PDF
Sensitive information relating to thousands of users of the Nitro PDF reader has been leaked online. Back in October, Nitro admitted to what it described as a “low impact security incident” but claimed that no customer data was impacted. This now appears to have been false.
A threat actor claiming to be part of the ShinyHunters hacking group has leaked a 14 GB database containing 77,159,696 Nitro records with users’ email addresses, full names, bcrypt hashed passwords, company names, IP addresses, and other system-related information.
In fact, it’s been clear for a few months now that customer information was likely to have been affected by last October’s data breach. A database containing information relating to 70 million Nitro PDF user records, along with 1TB of documents, was auctioned shortly after the breach came to light for $80,000.
The going rate
The hacker claiming to be part of ShinyHunters is now offering the Nitro database for download on a well-known hacking forum, asking just $3 for access. The records could be used by malicious actors to carry out follow-up attacks, including phishing campaigns or credential stuffing attempts.
The ShinyHunters group gained notoriety last year after it claimed responsibility for several huge hacks and made the stolen credentials available online. The hackers also have form when it comes to giving away records for free, doing so in July last year just days after selling the same information for thousands of dollars.
If any Nitro users suspect that their details may have been compromised by the ShinyHunters hack, they are advised to change their password immediately. And, of course, if those credentials are shared with other services, they too should be changed.
Sensitive information relating to thousands of users of the Nitro PDF reader has been leaked online. Back in October, Nitro admitted to what it described as a “low impact security incident” but claimed that no customer data was impacted. This now appears to have been false. A threat actor claiming…
