Tech giants use various PDF utilities across different departments, which leaves them exposed when one of those vendors leaks data.

In October 2020, security researchers discovered that a threat actor had compromised Nitro’s cloud environment. The hacker successfully exfiltrated a massive database containing user accounts, corporate names, and millions of digital documents.

In late 2020, Nitro Software suffered a database breach that compromised its cloud services. The attack was executed by a financially motivated threat group known as ShinyHunters. This group is notorious for targeting cloud databases, exploiting misconfigurations, and stealing massive troves of user data to sell on the dark web.

Today, Nitro Software still operates—it was acquired by a private equity firm in 2021 and continues to sell PDF tools. But for the 77 million users whose data was left exposed on the open internet, the company’s name will forever be linked to one of the most avoidable breaches in SaaS history.

Fortunately, it appears that the breach did not involve access to or theft of customer PDF files. The compromised data seems to be limited to user account information and not the actual PDF files stored on Nitro PDF's servers.

A well-known threat actor group placed the stolen data up for auction on the dark web, setting a starting price of roughly $80,000.