Australian document productivity company Nitro Software Inc. has suffered a data breach with customer data being offered for sale on the dark web.
The company, which provides services to much of the Fortune 500, was hacked sometime earlier this month. In a statement last week to the Australia Stock Exchange, Nitro advised that they had been impacted by a “low impact security incident” involving “limited access to a Nitro database by an unauthorized third party.”
“Low impact” is an interesting choice of words. According to Bleeping Computer, the data stolen included the company’s user and document databases along with 1 terabyte in documents created by Nitro’s customers.
The data, offered at a starting price of $80,000 on a dark web site is said to include 70 million user records containing email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses and other system-related data.
Data breaches in 2020