PDF Reader Biz Breached: Foxit Forces Password Reset

PDF Reader Biz Breached: Foxit Forces Password Reset

Originally Published on this site

PDF Reader Biz Breached: Foxit Forces Password Reset

PDF Reader Biz Breached: Foxit Forces Password Reset 1

Customers of popular PDF firm Foxit Software are being asked to reset their passwords after a data breach at the firm led to unauthorized access.

The developer of the PhantomPDF editor and Foxit Reader PDF reader tools has yet to go fully public with the news and its official Twitter feed remains devoid of any updates.

However, affected customers were emailed late last week and told to choose new passwords after the firm reset their log-ins.

“Foxit has detected that unauthorized access to some of its data systems has taken place, including access to its ‘My Account’ user account data. This means that data you have entered on our website when signing up for our services has likely been accessed by hackers,” the firm admitted.

Compromised information could include user names, email addresses, their company names, phone numbers, passwords and IP addresses. No payment information was affected, Foxit Software added.

However, a number of questions remain: it’s still unclear when the breach happened and how many customers were affected. GDPR mandates 72-hour breach disclosures, so if any EU citizens were caught in the breach, this could be cause for further scrutiny.

It’s also unclear if passwords were secured with strong encryption: if they weren’t scrambled effectively then the hackers may be able to use them in credential stuffing attacks on affected users’ other accounts, in order to unlock services protected by the same passwords.

This is not the first time Foxit Software has come under cybersecurity scrutiny.

Last year, Cisco Talos researchers discovered 18 vulnerabilities in its popular Foxit Reader offering, including critical flaws which could lead to remote code execution.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Vox Messenger Logo - 512x512

End-2-End Encrypted. Secure. Ad-Free.
Lightweight and Faster than the Competition.

Vox Messenger is an ad-free, secure and end-2-end encrypted alternative to other popular chat messenger apps.

Available for Free. Whitelabel Corporate Edition Available on Request.

Vox Messenger {Secure} - Communicate safely with our private and secure messaging app | Product Hunt Embed

All Rights Reserved - © Copyright 2020 - Vox Messenger (a Division of Kryotech Ltd.)