A new data breach incident has been reported. According to information security services specialists, Foxit Software, developer of the popular PDF reader app Foxit, has suffered a security incident in which its servers were compromised by a group of hackers who managed to extract users’ information.
The company hasn’t made any official statements about the incident; nevertheless, one of the users contacted the specialized platform ZDNet, sharing a copy of the security alert that the company sent via email to the compromised users, requesting them to reset their Foxit account access credentials.
“We have detected an unauthorized access to some of our data systems, including user accounts. The data that users have entered into our website to create and access their accounts could have been compromised by unknown hackers,” mentions the security alert sent by Foxit.
According to information security services specialists, data from compromised Foxit accounts include:
The company states that its customers’ payment card information is safe, as this data is handled by a certified third party. Using their Foxit accounts, the company’s customers can request free trials of this service, purchase and download digital material, and view their purchase or inquiry history.
After this information was leaked, various members of the cybersecurity community began to raise the possibility that hackers accessed these accounts using a credential stuffing attack. However, information security services specialists believe that, because hackers were able to access users’ IP address data, it must have been an attack on the company’s backend infrastructure. Experts are still awaiting further reports from Foxit Software to put speculation aside.
The main question in this case is whether the company protected users’ passwords using a process known as “hashing”, which stores each password as a sequence of seemingly random alphanumeric characters, preventing hackers from reading the password in plain text. The security alert sent to Foxit users only mentioned that users’ passwords were exposed; it does not specify whether they were protected with a hash.
In the event that Foxit passwords do not have this protection, hackers could easily access these accounts or, even worse, they could use them to perform credential stuffing attacks on other platforms, such as email accounts or social media profiles.
For the information security services specialists from the International Institute of Cyber Security (IICS), it is also worrying that the company did not even mention a rough date of the incident. If this happens to be a very old breach, it would be of little use to implement measures such as a password reset. Foxit is presumed to have already hired the services of a security firm to continue investigating the incident.