The Nitro PDF data breach came to light in October 2020. Cybersecurity intelligence firm Cyble discovered that a threat actor was attempting to sell data allegedly stolen from Nitro Software on the dark web.
The Nitro PDF data breach is a case study in how a single misconfigured database can unravel years of user trust. For the 70+ million affected users, the consequences range from annoying spam to full-blown identity theft, depending on password hygiene and reuse habits.
This last point is crucial: Nitro did store passwords in plaintext. If any service claims otherwise, treat it as misinformation.
If your organization used Nitro PDF services pre-October 2020:
In early 2021, a class-action lawsuit was filed against Nitro Software in the U.S. District Court for the Northern District of California, alleging negligence, invasion of privacy, and violation of data protection laws (including GDPR and CCPA). The case argued that Nitro failed to implement “reasonable security measures.”
Nitro Software was acquired by PDF solutions provider Foxit in 2024 in a deal valued at approximately $278 million. The acquisition promised to leverage the combined scale of two global PDF technology leaders. It remains unclear whether the security posture of Nitro's systems has been fully reassessed under new ownership.
To understand the scale of this incident, it helps to look at the key events as they unfolded over several months.
If you are worried that your information was included in a data breach, use the Have I Been Pwned website to check whether your email address has appeared in any known data leaks.
Moreover, Nitro did salt the hashes in a way that prevented rainbow table attacks entirely, though bcrypt’s built-in salting mitigated the worst of it.
The stolen data was later packaged by ShinyHunters—a notorious cybercrime group famous for breaching companies like Wattpad, Tokopedia, and Pixlr—and placed on public hacking forums for a starting auction price of around $80,000.
5. The Immediate and Long-Term Fallout
when an unauthorized third party accessed a company database
Nitro initially reported the incident on October 21, 2020, to the Australian Stock Exchange, claiming no customer data was impacted.
Threat Actor: The attack was attributed to the notorious cybergang ShinyHunters, known for selling or leaking massive stolen datasets.
Data Leak Timeline:
Nitro PDF data breach, which occurred in September 2020, was a major cybersecurity incident that exposed over 77 million user records