By taking these precautions, you can reduce the risk of data breaches and protect your sensitive information.
: On October 21, 2020, Nitro Software advised the Australian Stock Exchange of an "isolated security incident" with "no material impact."
The problem: without logs, no evidence did not mean no breach . Security experts immediately criticized the response as insufficient. Nitro did force password resets for all users, nor did it initially disclose the scale of the incident. nitro pdf data breach
The breach was particularly notable because many prominent companies use Nitro’s services. Leaked data included records associated with employees at Google, Apple, Microsoft, Chase, and Citibank
The stolen database contained approximately 70 million user records . The exposed information included: By taking these precautions, you can reduce the
The initial asking price for the stolen databases on the cybercrime underground was set at roughly $80,000. When the data failed to sell quickly, the hacker eventually leaked the database for free on a popular hacking forum, making it accessible to bad actors worldwide. 2. What Data Was Stolen?
A massive database—roughly 14GB in size—containing was eventually leaked online. This data was initially auctioned for $80,000 before being released for free on hacker forums by a threat actor associated with the group ShinyHunters . What Data Was Exposed? Nitro did force password resets for all users,
Over millions of entries revealing the titles of converted, edited, or signed PDF documents.
Nitro’s case added a unique twist: . Even if passwords are secure, knowing that a specific executive edited a contract named “Acme-Merger-Final-v4.pdf” on a specific date provides valuable intelligence to competitors or hackers planning phishing attacks.
The most direct financial impact fell on affected individuals. The West Virginia incident demonstrated how data exposure can translate directly into , with fraudulent returns filed using stolen Social Security numbers, delaying legitimate refunds and leaving victims in financial limbo.
After failing to secure a buyer at the premium price, the threat actor leaked the entire database for free on a popular hacking forum. What Data Was Compromised?