Nitro Data Breach and Logon Problems


Malcolm Lyle Jr


I was notified by Dashlane that GoNitro was breached last year and my data and password might be compromised. I tried to log on and was unable to get past the email. My original logon, created many years ago prior to Nitro Pro 7, was via ID, not email. My email was part of the profile, as I have gotten many emails from Nitro over the years. So I used my email instead of the ID, but got the error that I had an invalid email/password problem. I tried to reset my password, but the password reset email did not get sent to my email account.

I wanted to ask Nitro for help, but there is no direct customer support for common users like me.

So I am on the forum, and I hope someone can help me get my GoNitro account reactivated so I can create a new password.

But since I am unable to log on, I should be safe, as the info stolen will not allow anyone to log on to my account.

I have a suggestion: temporarily allow all GoNitro customers to access VIP support to get their GoNitro accounts protected.

Edited by AllainU
  • Official Nitronaut
AllainU

Hello @Malcolm Lyle Jr,

Thank you for reaching out to us through our Community Forums and our sincere apologies for the inconvenience this has caused you.

To further assist you, I have executed a password reset of your Nitro Cloud account where you have used your Gmail address. Please check your inbox and if you did not receive it, kindly also look inside your Spam / Junk folder, as sometimes our emails go there.

To know more about this isolated incident, here is the link for more details, latest updates and action plan in-place by our IT-Security team:  https://www.gonitro.com/nps/security/updates#security-incident-update

Again, our sincerest apologies for this inconvenience.

Thank you and stay safe always!

Derrick Kerley

Hi

I disagree this is an isolated incident. Firefox gave the heads up that my account was compromised on 20 Sept 2020. I was notified yesterday by Firefox.

Like Malcolm, I tried to find an email address to ask more about this.

My accounts could be reset, but your admin.gonitro.com page did not work correctly; I had to first log in to my Nitropro PDF account before the admin.gonitro.com login would work!

I think you might need to urgently review your security policy and how you action breaches.

Why have you not implemented a two stage verification option for accounts?

regards

Derrick

Edited by AllainU
  • Official Nitronaut
AllainU

Hello @Derrick Kerley,

Thank you for reaching out to us through our Community Forums and our sincere apologies for the inconvenience this has caused you.

In line with resetting your Nitro Sign password, please visit https://cloud.gonitro.com/ , enter your email address and click our 'Forgot Password?' link.

With regard to implementing a two stage verification option for Nitro Sign accounts and if you have further questions about this incident, feel free to send a direct email to our Incident Response Team through incident@gonitro.com 

Again, our sincerest apologies for this inconvenience.

Thank you and stay safe always!


I would have to say the other two are lucky .. I didn't get notified by anyone, I just got spam on Saturday that directly identified my alias address that was used here only on GoNitro.com's forums.

Thanks, Nitro .. you really have users' data security at heart.  Worse is reading online that Nitro hasn't really posted information nor admitted the scope of the breach yet.

Oh but nitro has a public statement in the investor relations area? .. I'm not an investor ... why would I go there to find such things? I often publicly sigh <sigh> at the level of stupid growing in this world.

What I'd expect:

  1. General notification - We've experienced a data breach, we're investigating, here's our pronouncement with option to continue to receive notifications as the breach investigation continues, or on X days / weeks / monthly.
  2. banner / announcement notifications - Nitro's more than happy to stick noobs' registration up there like some welcome to the club hoopla, but when it comes to "oh by the way your email address and potentially every file you've ever stored in our cloud could be in hackers' hands" .. that's buried on Nitro's investor relations page .. where I get it .. makes sense for you as a company because if any of your investors found out you didn't disclose .. you'd be sued into non-existence.
  3. an open apology posted for *NOT* having the above with a commitment that you'll do better in the future.

Not happy Nitro .. looks like it's time to switch my PDF Editor software.

======

https://www.techradar.com/news/nitro-pdf-suffers-massive-data-breach-exposing-microsoft-google-amazon-documents

“Nitro's investigation into the incident remains ongoing. There is no evidence currently that any sensitive or financial data relating to customers has been impacted or that any information has been misused. Nitro has elevated its monitoring and security protocols and has not identified any further malicious activity connected to the incident.”

Nitro Software data breach

Although Nitro Software claims that no sensitive financial data was lost as a result of the breach, the cybersecurity firm Cyble has revealed to BleepingComputer that the company's user and document databases as well as 1TB of documents allegedly stolen from the company are being sold online in a private auction starting at $80,000.

According to Cyble, the user credential database table contains 70m user records which contain the email addresses, full names, bcrypt hashed passwords, titles, company names, IP addresses and other system data from Nitro Software's customers.

For instance, the database reportedly contains 17,137 documents from Amazon, 6,405 from Apple, 137,285 from Citi, 32,153 from Google and 2,390 from Microsoft. There is also a great deal of information related to financial reports, M&A activities, NDAs and product releases included in the database.

"Nitro continues to investigate an isolated security incident involving limited access to a Nitro database by an unauthorised third party," Nitro told TechRadar Pro in a statement.

  • Official Nitronaut
AllainU

Hello @TG2,

Thank you for reaching out to us through our Community Forums and our sincere apologies for the inconvenience this has caused you.

We would love to forward your feedback to our Incident Response team, however, could you please provide your first and last name?

To send it via private message, hover your mouse on top of my name 'AllainU' and select 'Message'.

Again, our sincerest apologies for this inconvenience.

Thank you and stay safe always!

  • Official Nitronaut
AllainU

Hi @DakotaR/T,

Thank you for reaching out to us through our Community Forums and our sincere apologies for the inconvenience this has caused you.

To know more about this isolated incident, here is the link for more details, latest updates and action plan in-place by our IT-Security team:  https://www.gonitro.com/nps/security/updates#security-incident-update

If you have not executed a reset password of your Nitro Sign account, please let us know and we would love to have it done on your behalf by logging into our Cloud server.

Otherwise, if you do not have an account with us, it is possible that you have received a document in the past that requires signing where the sender used a Nitro Sign account.

Again, our sincerest apologies for this inconvenience.

Thank you and stay safe always!
