Hello You!
On a single day, you can download up to 4 PDFs for free!
The breach highlighted the dangers of
Provide clear, accurate communication to users early in the discovery process to help them take protective measures. nitro pdf data breach
An Amazon Web Services (AWS) S3 bucket, owned by Nitro Software, was completely —no password, no encryption, no access restrictions. Inside: a staggering 77 million user records , spanning from 2014 to the date of discovery. The breach highlighted the dangers of Provide clear,
Diachenko followed responsible disclosure protocols: he immediately alerted Nitro Software. Initially, the company was unresponsive. After multiple attempts over several days, Nitro finally secured the bucket on . In the world of document productivity, Nitro Software
In the world of document productivity, Nitro Software has long been a trusted name—a legitimate alternative to Adobe Acrobat, beloved by enterprises and individuals alike for its PDF editing, eSigning, and conversion tools. But in October 2020, that trust was shattered.
The breach impacted:
| | What They Did Wrong | |-------------------------|-------------------------| | Secured database within 24 hours of disclosure | Did not immediately notify users upon discovery | | Used bcrypt hashing for passwords | Legacy database was exposed for an unknown period (possibly weeks) | | Forced password resets for all users | Initial disclosure was via third-party researchers, not proactive | | Published a security advisory | No public breach portal for users to check individual status |
Bundle
Worksheet
Save