The developer of the well-known PDF tool, Nitro, has leaked their customers' data.
The scale of the problem is easy to gauge from the official statistics: over 10,000 business customers and 1,800,000 users worldwide use Nitro to create, edit, and sign PDFs and digital documents. In addition, Nitro provides users with a cloud service to share documents with colleagues or other organizations. As a result, the incident affected not only ordinary users but also giants such as Google, Apple, Microsoft, Chase and Citibank.
Bleeping Computer reports that on October 21, 2020, Nitro Software notified the Australian Stock Exchange of the incident. The company said in a statement that it was hit by an "incident that did not have a major impact (on the company's operations)," and that no customer data was harmed.
However, specialists from the cyber security company Cyble told reporters that the incident was much more serious: hackers are already selling, at a private auction, user databases and databases with documents stolen from the company, as well as more than 1 TB of various documents. The starting price for this data is $80,000.
Cyble experts state that the user_credential database table contains over 70,000,000 entries, including email addresses, full names, bcrypt-hashed passwords, job titles, company names, IP addresses, and a host of other information. Bleeping Computer journalists write that they were able to verify the authenticity of the data through the known email addresses of Nitro accounts that were present in the database. However, there is no evidence that this information was stolen by attackers as a result of this particular attack.
In turn, the document database contains file names, information about when each document was created and signed, which account it belongs to, and whether it is publicly available. According to Cyble, the database contains many records associated with well-known companies.
Bleeping Computer notes that even the titles of the documents themselves already reveal a lot of information about financial statements, mergers and acquisitions, nondisclosure agreements, product releases and so on. Since Nitro is often used by companies to digitally sign confidential financial, legal and marketing documents, this leak could seriously impact the businesses of affected companies.
Representatives of Nitro told the publication that they are still investigating the incident and so far have no evidence that "confidential or financial data of clients has been compromised."