Hacker leaks full database of 77 million Nitro PDF user records

A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free.

The 14GB leaked database contains 77,159,696 records with users’ email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related information.

The database has also been added to the Have I Been Pwned service which allows users to check if their info has also been compromised in this data breach and leaked on the Internet.

Nitro is an application that helps create, edit, and sign PDFs and digital documents, an app that Nitro Software claims to have over 10,000 business customers and roughly 1.8 million licensed users.

Nitro also provides a cloud service that customers can use to share documents with coworkers or any other organizations involved in the document creation process.

Nitro’s data breach

The massive Nitro PDF data breach BleepingComputer first reported last year also impacts many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank.

Nitro Software disclosed a “low impact security incident” on October 21, 2020, in an advisory to the Australia Stock Exchange, stating that no customer data was impacted.

However, as BleepingComputer later found, a database containing alleged info on 70 million Nitro PDF user records got auctioned together with 1TB of documents for a starting price set at $80,000.

BleepingComputer was able to determine the stolen database’s authenticity after confirming that known email addresses of Nitro accounts were present in the auctioned database.

Stolen user records leaked for free

Now, a threat actor claiming to be a part of ShinyHunters has leaked the full database for free on a hacker forum — the threat actor has set a price of $3 for access to the download link.

ShinyHunters is a notorious threat actor known for hacking online services and selling stolen information via data breach brokers or in private sales.

Previously, ShinyHunters said they were behind breaches at Homechef, Wattpad, Minted, Tokopedia, Dave, Promo, Chatbooks, Mathway, and many others; the information proved to be true.

As malicious actors can use the leaked user details to launch more credible phishing attacks or for credential stuffing, affected Nitro PDF users are strongly advised to change their passwords to a strong, unique password.

Users should switch to a unique and strong password that they don’t use for any other website or online service.

Using a password manager is also recommended as it helps manage and generate unique and for different sites.

NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only

Best Cyber Security Products & Solutions