24.3 Million Lumin PDF Users Shared On Hacking Forum

A hacker has published the entire user database of Lumin PDF, this contains more than 24 million users records. According to ZDNet the hacker resorted to releasing user records after Lumin PDF administrators didn’t respond to numerous queries over the past several months.

Lumin PDF is a cloud-based service letting users view, edit, and share PDF files from a web browser, or with the company’s mobile apps. The company is best known as a third-party app that users can install on Google Drive to open and edit otherwise uncooperative PDF files.

Today, the hacker published a download link to a 2.25GB ZIP file that contains a 4.06GB CSV file containing the user records of 24,386,039 Lumin PDF users. According to ZDNet the majority of user records in the CSV have users’ full names, email addresses, gender, (language) locale settings, and a hashed password string or Google access token.

The hacker claimed on RAID forums that this data is from a MongoDB database owned by Lumin PDF, which was left exposed without a password since April this year. He said, “Vendor was contacted multiple times, but ignored all the queries,” adding: “The data was later destroyed by ransomware, and server taken down soon after.”

Destructive attacks on MongoDB servers aren’t new and have been happening since late 2016, says ZDNet. It is pretty common for MongoDB to have their content deleted with a ransom note left behind for the victim to pay for data that no longer exists.

It’s not known why this hacker chose to share Lumin PDF’s user records, despite the server and data being no longer available. I have reached out to the hacker to find out, given that any information from Lumin PDF is likely to be entirely uninteresting.

A Google spokesperson said to ZDNet that the company is investigating the incident. In the meantime, to prevent unauthorized access to Google Drive accounts due to the leak of Google access tokens, users who authorized Lumin PDF should revoke the app’s access to their Drive account.

H/t ZDNet – Header Image: Lumin PDF website screenshot

Comments are closed, but trackbacks and pingbacks are open.