Hacker On January 20, a stolen database containing the addresses was leaked e-mail, the names and passwords for over 77 million Nitro PDF service user files. The database contains 77.159.696 files with user email addresses, full names, codes bcrypt hash access, titles, company names, IP addresses and other information.
The database has also been added to the "Have I Been Pwned" service, which allows users to check if their information has been compromised under this violation data, but also if they have been leaked to Internet.
Nitro is one application which helps to create, edit and sign PDF and digital documents. It is an application that, according to Nitro Software, currently has over 10.000 business customers and approximately 1,8 million users. Nitro also provides a service in cloud that customers can use to share documents with colleagues or other organizations involved in the document creation process.
According to BleepingComputer, this massive data breach in Nitro PDF was first reported last year and affects many well-known and large organizations, including Google, Apple, Microsoft products, Chase and Citibank. In particular, Nitro Software revealed a "low impact security incident" on October 21, 2020, noting that its customer data was not affected.
However, BleepingComputer later discovered that a database containing an estimated 70 million Nitro PDF user files was auctioned off along with 1TB of documents at a starting price of $ 80.000. BleepingComputer was able to determine the authenticity of the stolen database, after confirming that there were known Nitro account email addresses in the auction database.
A hacker who claims to be part of "ShinyHunters" has leaked the database for free to an underground forum. ShinyHunters is a hacking group known for breaking into online services and selling stolen information. ShinyHunters is behind numerous violations, including those of Homechef, Wattpad, Minted, Tokopedia, Dave, Promo, Chatbooks, Mathway.
As cybercriminals can use leaked user data to execute Phishing ή credential stuffing attacks, Nitro PDF users are advised to change their passwords and set a strong, unique password. Users need to create a unique and strong password that they do not use for any other site or online service. They are also advised to use a password manager, which helps to manage and create unique passwords for different sites and services.