The service is said o be used by over 10 thousand business customers and 1.8 million licensed users, Nitro is an application used to create, edit, and sign PDFs and digital documents. On October 21, 2020 Nitro Software issued an advisory to the Australia Stock Exchange, stating that they were affected by a “low impact security incident” but that no customer data was impacted.
Cybersecurity intelligence firm Cyble has revealed that a threat actor is selling the user and document databases, as well as 1TB of documents, that they claim to have stolen from Nitro Software’s cloud service. Cyble states that the ‘user_credential’ database table contains 70 million user records containing email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses, and other system-related data. Cyble has added the data to their AmIBreached.com service.
In terms of the incident, Nitro sent a message to Digital Journal, which states: “Nitro continues to investigate an isolated security incident involving limited access to a Nitro database by an unauthorised third party. The database does not contain user or customer documents, which are hosted in a separate database.
There is currently no established evidence that any sensitive or financial data relating to customers has been compromised. There is no impact to Nitro Pro or Nitro Analytics. ”
Usage of Nitro’s popular free document conversion services does not require users to create and account or become a Nitro customer. Users are required to provide an email address and common email domains are frequently entered.
To gain an insight,Digital Journal caught up with Pravin Rasiah, VP of Product, CloudSphere.
According to Rasiah, the business wolrd is also partly to blame for the incident: “Companies entrusted with customer information have a responsibility to ensure their data stays secure and out of the hands of cybercriminals, who can use this exposed information to launch targeted attacks and gain access to other user accounts and resources.”
The expert explains further: “Without awareness or proactive action to maintain cloud security policies, it’s more likely that malicious actors will target and exploit the system to compromise sensitive information. Complete visibility into the cloud environment combined with proper cloud governance is critical to preventing data breaches and protecting customer data.”
In terms of what is to be done, the analyst adds: “Businesses should invest in a comprehensive set of security tools that monitor and control security status in real time, minimizing the potential attack surface and providing holistic observability into the cloud environment.”
