A massive data breach suffered by the Nitro PDF might have a severe impact on well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank.
Nitro Software, Inc. develops commercial software used to create, edit, sign, and secure Portable Document Format (PDF) files and digital documents. The company has over 650,000 business customers worldwide, and claims millions of users across the globe.
According to the following the security advisory issued by the software maker and unauthorized third party gained limited access to a company database.
Cybersecurity intelligence firm Cyble came across a threat actor that was selling a database, allegedly stolen from Nitro Software’s cloud service, that includes users’ data and documents. The huge archive contains 1TB of documents, the threat actor is attempting to sell it in a private auction with the starting price of $80,000
The databases contain a large number of records belonging to well-known companies:
Company | # of accounts | # of documents |
Amazon | 5,442 | 17,137 |
Apple | 584 | 6,405 |
Citi | 653 | 137,285 |
Chase | 85 | 177 |
3,678 | 32,153 | |
Microsoft | 3,330 | 2,390 |