- Author|Safe Cow
- Source|Tencent
- Release time|2021-01-21
The database containing more than 77 million Nitro PDF user records (email addresses, user names, and passwords) was stolen and was leaked publicly by hackers yesterday for free.
The 14GB leaked database released by the hackers contained 77,159,696 records, which contained the user's email address, full name, bcrypt hash password, title, company name, IP address, and other system-related information.
The database has been added to the "Have I Been Pwned" leak detection service, which allows users to check whether their information is exposed in a data breach.
Nitro is an application that can help create, edit, and sign PDF and digital documents. It claims to have more than 10,000 commercial customers and approximately 1.8 million licensed users.
Nitro also provides a cloud service where customers can share documents with colleagues or any other organization.
This is not Nitro's first serious data breach. Last year, Nitro PDF revealed a large-scale data breach. The affected companies include Google, Apple, Microsoft, Chase and Citibank.
Although Nitro Software disclosed a "low-impact security incident" in an announcement on the Australian Securities Exchange on October 21, 2020, it pointed out that no customer data was affected. However, according to BleepingComputer, in that data breach, a database containing allegedly recorded information about 70 million Nitro PDF users was auctioned together with a 1TB document, with a starting price of US$80,000.
