Company behind Foxit PDF Reader announces security breach
Foxit Software said hackers breached website accounts and stole user information.
By Catalin Cimpanu for Zero Day | August 30, 2019 -- 14:09 GMT (07:09 PDT)
Foxit Software, the company behind the Foxit PDF reader app, said today that hackers breached its servers and have made off with some user information.
ZDNet learned of the breach from a Foxit customer who shared a copy of the email the company is sending out to affected users, asking them to choose new passwords when logging in the next time.
According to this email, the security breach impacted the company's website, and, namely, information stored in the My Account section.
Foxit web accounts are how the company manages its existing customers and is where users can access trial software, download purchased products, and access order histories.
Foxit said hackers managed to access MyAccount data such as email addresses, passwords, real names, phone numbers, company names, and IP addresses from which users logged into their accounts.
Due to the presence of IP addresses in the data hackers managed to access, this is believed to be a breach of Foxit's backend infrastructure, rather than a credential stuffing attack.
A Foxit spokesperson could not be reached for additional clarification.
WERE THE PASSWORDS HASHED OR IN PLAINTEXT?
The biggest mystery is whether Foxit had protected customer passwords through a process called hashing and salting. Hashing and salting a password string prevents an attacker from being able to read it in plaintext.
The email sent to customers and a security advisory posted on the Foxit Software website did not mention whether passwords were hashed and salted.
The software maker said it invalidated all passwords for customers who it believed were impacted by the security breach.
However, if the passwords were available in cleartext, then attackers can use them to gain access to users' accounts on other websites if users made the mistake of reusing passwords.
Foxit also didn't date the security incident, and it's currently unknown if the breach occurred this week, last month, or in previous years. If this is an old breach that has only been recently discovered, then hackers might have had a huge head start in abusing the stolen data.
The company did say, however, that hackers didn't access any financial information. It also said it's working with a forensic firm to investigate further, and that it notified law enforcement and data protection authorities.
Foxit Software should not be confused with Fox-IT, a cyber-security firm with a similar name, which had its own cyber-security incident in December 2017.