Australian document productivity company Nitro Software Inc. has suffered a data breach with customer data being offered for sale on the dark web.
The company, which provides services to much of the Fortune 500, was hacked sometime earlier this month. In a statement last week to the Australia Stock Exchange, Nitro advised that they had been impacted by a “low impact security incident” involving “limited access to a Nitro database by an unauthorized third party.”
“Low impact” is an interesting choice of words. According to Bleeping Computer, the data stolen included the company’s user and document databases along with 1 terabyte in documents created by Nitro’s customers.
Australian document productivity company Nitro Software Inc. Has suffered a data breach with customer data being offered for sale on the dark web.The company, which provides services to much of t. Discord Nitro is quite expensive. Many people want to grab Nitro codes in 2020, and that's why we are proud to announce that we giveaway free Nitro subscribtions. With our giveaway, you can claim your Gift of 1 year of discord Nitro.
The data, offered at a starting price of $80,000 on a dark web site is said to include 70 million user records containing email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses and other system-related data.
Data breaches in 2020 are a dime a dozen, but where this becomes more interesting than others is that Nitro clients include Google LLC, Apple Inc., Amazon.com Inc., Microsoft Corp., JPMorgan Chase & Co. and Citigroup Inc. Among the stolen data is tens of thousands of accounts and documents linked to those companies, including financial reports, merger and acquisition activities, nondisclosure agreements and product release details.
In the words of Bleeping Computer, “this could be one of the worst corporate data breaches we have seen in a while.”
Officially, Nitro is downplaying the data breach, saying in a statement that “Nitro continues to investigate an isolated security incident involving limited access to a Nitro database by an unauthorized third party. The database does not contain user or customer documents, which are hosted in a separate database.”
“While we don’t know how the data breach involving the Nitro PDF service may have come about, it’s likely from phishing campaigns and stolen credentials, or from exploiting vulnerabilities in applications, as these are the two most common sources of breaches,” Jayant Shukla, chief technology officer and co-founder of application security firm K2 Cyber Security Inc., told SiliconANGLE.
“To protect themselves, organizations need to make sure that not only are they using phishing detection and training employees to recognize phishing, they also need to make sure they have defense in depth for all of their applications, data and assets that are internet-facing,” Shukla explained. “This includes making sure their devices and software are up to date and patched, and they have runtime application security in place for their applications.”
Nitro Type Hacked Account Username And Password Generator
Equally important, he added, organizations need to make sure they vet the security of the many partners and third party organizations that they depend on as thoroughly as they vet their own security infrastructure.
On a day the Australian Stock Exchange All Ordinaries was down 1.9%, the share price of Nitro fell almost 4% as of 1:52 p.m. AEDT (10:52 p.m. EDT).
Nitro Type Accounts With Passwords
Image: Nitro Software
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.