Delicate info referring to 1000’s of customers of the Nitro PDF reader has been leaked on-line. Again in October, Nitro admitted to what it described as a “low influence safety incident” however claimed that no buyer information was impacted. This now seems to have been false.
A menace actor claiming to be a part of the ShinyHunters hacking group has leaked a 14 GB database containing 77,159,696 Nitro data with customers’ e mail addresses, full names, bcrypt hashed passwords, firm names, IP addresses, and different system-related info.
In actual fact, it’s been clear for just a few months now that buyer info was prone to have been affected by final October’s information breach. A database containing info referring to 70 million Nitro PDF person data, together with 1TB of paperwork, was auctioned shortly after the breach got here to mild for $80,000.
The going fee
The hacker claiming to be a part of ShinyHunters is now providing the Nitro database for obtain on a well known hacking discussion board, asking simply $three for entry. The data may very well be utilized by malicious actors to hold out follow-up assaults, together with phishing campaigns or credential stuffing makes an attempt.
The ShinyHunters group gained notoriety final 12 months after it claimed accountability for a number of large hacks and made the stolen credentials obtainable on-line. The hackers even have kind in relation to giving freely data without cost, doing so in July final 12 months simply days after promoting the identical info for 1000’s of {dollars}.
If any Nitro customers suspect that their particulars might have been compromised by the ShinyHunters hack, they’re suggested to vary their password instantly. And, in fact, if these credentials are shared with different companies, they too needs to be modified.
By way of Bleeping Computer
Source link
