Lumin PDF
HighLumin PDF's 2019 breach exposed 15.5M user records, including sensitive personal data and authentication details.
- Records exposed
- 15,453,048 records
- Breach date
- Breach Apr 1, 2019
- Last update
- Updated Sep 18, 2019
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In April 2019, the PDF management service Lumin PDF experienced a significant security breach resulting in unauthorized access to 15.5 million user records. The compromised data was not disclosed until September 2019, when it was shared on underground forums after allegedly being exposed in an unsecured MongoDB database. The leaked information included personally identifiable data such as names, email addresses, genders, spoken languages, bcrypt-hashed passwords, and authentication tokens for Google services.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Users faced potential unauthorized access to their accounts due to exposed login credentials.
- Business Impact
- Lumin PDF encountered reputation damage and trust issues among its user base.
- Affected Sectors
- Software Services
- Data Management
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Immediately update passwords on Lumin PDF and other platforms sharing the same credentials.
- •Revoke access permissions for the detected Google authentication tokens.
- •Monitor accounts for suspicious activity.
Preventive Measures
- •Enterprises should ensure servers, specifically database instances, are securely configured.
- •Regularly audit access permissions and implement robust incident response plans.
Frequently Asked Questions
Common questions about this breach and what it means for you.
Attribution
Additional attribution provided with the breach record.
JimScott.Sec@protonmail.com