Hacker Exposes Data of 24 Million Lumin PDF Users

A hacker has published a download link to the entire user database of Lumin PDF, totalling more than 24 million users, on a hacking forum.

ZDNet reports that the hacker resorted to this tactic after Lumin PDF administrators didn't respond to numerous queries he'd made over the past few months.

The hacker claimed the data was obtained from a MongoDB database belonging to Lumin PDF, which was left exposed without a password in April this year. "Vendor was contacted multiple times, but ignored all the queries," wrote the hacker on the forum, adding: "The data was later destroyed by ransomware, and server taken down soon after."

Most of the published data showed the users' name, email addresses, (language) locale settings, and a hashed password string or Google access token. However, the data of nearly 120,000 users contained "password strings that appear to have been hashed using the Bcrypt algorithm, suggesting these are users who registered an account on the Lumin PDF website."

Google has been made aware of the incident, including the leaked access tokens, which can "allow malicious threat actors to pose as legitimate users and access Google Drive accounts."

Lumin PDF users are advised to revoke the app's access to their Google Drive account (instructions are also on the Google Drive support page):

- On your computer, go to drive.google.com.

- Click the cog (settings) icon in the top-right menu bar.

- Click the Settings option in the drop-down menu.

- Click Manage apps in the side-menu

- Next to the app, click Options.

- Click Disconnect from Drive.

. . .

If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.