On September 16, ZDNet reported that a database of more than 24.38 million Lumin PDF users had been posted on a hacking forum. Lumin PDF is a little-known cloud-based service that lets users view, edit, and share PDF files through web-based dashboards, browser extensions, or the company's mobile applications.
A hacker posted a download link for the company's user database: a 2.25GB ZIP file containing a 4.06GB CSV file with records on more than 24.38 million Lumin PDF users. For most users, the CSV contains the full name, email address, gender, locale, and either a hashed password string or a Google access token. This confirms that most Lumin PDF users access the service as a Google Drive add-in app. Researchers also found that about 115,000 of the user records contained password strings that appeared to be hashed with the bcrypt algorithm, indicating that those users registered their accounts directly on the Lumin PDF website.
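For a defender handling a dump laid out like the one described above, the first triage question is which users need a password reset (bcrypt-hashed website accounts) and which need their Google token revoked (Google Drive add-in users). The following Python script is an added example, not code from the original article or from Lumin PDF, and it operates on constructed sample rows with placeholder values; the column names and the assumption that Google access tokens begin with "ya29." are mine, not something the article states.

```python
import csv
import io
import re

# Constructed sample in the layout the report describes: full name, email,
# gender, locale, and either a bcrypt hash or a Google access token.
# Every value below is a placeholder; none comes from the real dump.
SAMPLE_CSV = """name,email,gender,locale,credential
Alice Example,alice@example.com,f,en_US,$2b$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234
Bob Example,bob@example.com,m,en_GB,ya29.PLACEHOLDER_TOKEN_VALUE
Carol Example,carol@example.com,,de_DE,$2a$10$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234
Dan Example,dan@example.com,m,fr_FR,
"""

# bcrypt modular-crypt format: "$2a$", "$2b$", "$2x$" or "$2y$", a two-digit
# cost factor, "$", then 22 salt characters and 31 hash characters drawn from
# bcrypt's own base64 alphabet (53 characters in total).
BCRYPT_RE = re.compile(r"^\$2[abxy]\$\d{2}\$[./A-Za-z0-9]{53}$")

# Heuristic (assumption): Google OAuth2 access tokens are prefixed "ya29.".
GOOGLE_TOKEN_RE = re.compile(r"^ya29\.[\w\-.]+$")


def is_bcrypt_hash(value: str) -> bool:
    """Return True when the string is a well-formed bcrypt hash."""
    return bool(BCRYPT_RE.match(value))


def bcrypt_cost(value: str) -> int:
    """Extract the cost factor (log2 rounds) from a bcrypt hash."""
    if not is_bcrypt_hash(value):
        raise ValueError("not a bcrypt hash")
    return int(value.split("$")[2])


def looks_like_google_token(value: str) -> bool:
    """Return True when the string matches the assumed Google token prefix."""
    return bool(GOOGLE_TOKEN_RE.match(value))


def triage(csv_text: str) -> dict:
    """Bucket each record by credential type so the right remediation
    (password reset vs. OAuth token revocation) can be sent per user."""
    buckets = {"bcrypt": [], "google_token": [], "empty": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        cred = (row.get("credential") or "").strip()
        if not cred:
            buckets["empty"].append(row["email"])
        elif is_bcrypt_hash(cred):
            buckets["bcrypt"].append(row["email"])
        elif looks_like_google_token(cred):
            buckets["google_token"].append(row["email"])
        else:
            buckets["unknown"].append(row["email"])
    return buckets


def summarize(csv_text: str) -> dict:
    """Counts per bucket, the figure a breach-notification plan starts from."""
    return {name: len(emails) for name, emails in triage(csv_text).items()}


if __name__ == "__main__":
    for name, count in summarize(SAMPLE_CSV).items():
        print(f"{name:13s} {count}")
```

The "unknown" bucket matters in practice: anything that is neither a bcrypt hash nor a recognisable token (for example a plaintext password or a hash in another format) deserves manual review before notification goes out, since it changes what the user has to be told.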
On the forum, the hacker wrote, “The unprotected database was found about 5 months ago. Vendor was contacted multiple times, but ignored all the queries. The data was later destroyed by ransomware, and server taken down soon after.”
Lumin PDF exec said, “The leaked Google access tokens were all expired at the time of the breach, meaning that the attackers could not gain access to any user documents or signatures. The security vulnerabilities that led to this breach have since been resolved.”
If you are a Lumin PDF user and don't feel safe, you can revoke the app's access to your Google Drive account. On your computer, go to drive.google.com and click the cog (settings) icon in the top-right menu bar. Click the Settings option in the drop-down menu. Click Manage apps in the side menu. Next to the app, click Options. Click Disconnect from Drive.
Published by Emerson L. Sullivan & last updated on September 18, 2019 8:30 am