Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Software

Company Behind Foxit PDF Reader Announces Security Breach (zdnet.com) 17

An anonymous reader quotes a report from ZDNet: Foxit Software, the company behind the Foxit PDF reader app, said today that hackers breached its servers and have made off with some user information. ZDNet learned of the breach from a Foxit customer who shared a copy of the email the company is sending out to affected users, asking them to choose new passwords when logging in the next time.

According to this email, the security breach impacted the company's website, and, namely, information stored in the My Account section. Foxit web accounts are how the company manages its existing customers and is where users can access trial software, download purchased products, and access order histories. Foxit said hackers managed to access MyAccount data such as email addresses, passwords, real names, phone numbers, company names, and IP addresses from which users logged into their accounts. Due to the presence of IP addresses in the data hackers managed to access, this is believed to be a breach of Foxit's backend infrastructure, rather than a credential stuffing attack.
The email did not mention if passwords were either hashed or salted. However, Foxit said it did invalidate all passwords for customers who it believed were impacted by the breach.

What's also unknown is when exactly the security incident took place. It could've happened this week, last month, or in previous years.
This discussion has been archived. No new comments can be posted.

Company Behind Foxit PDF Reader Announces Security Breach

Comments Filter:
  • I loved Foxit it was a great reader on Windows, but with browsers supporting PDF surely it has lost its relevance. Adobe reader is not the nightmare it once was. I was going to mention Evince which I love as a PDF reader, but the windows version seems no more.

    • by Khyber ( 864651 )

      Yes, I still use Foxit. Better than some vuln exploited in the browser leaking shit.

    • by Ormy ( 1430821 )
      I use it for editing PDFs. Glad I used a pirated copy now. May pirate more software in the future, not to avoid paying, but to avoid my info being leaked when their servers are inevitably hacked.
    • Adobe reader is not the nightmare it once was.

      It's still a nightmare, but Foxit has evolved and bloated to the point where it's just as bad. I remember when Foxit was a small, lightweight reader without all the bloat and vulns of Acrobat, but now it's just as slow, bloated, and buggy. There's lots of alternatives, I use STDU Viewer which loads and displays the document I want in less time than Bloatobat takes just to rummage around in its plugins before it's even started. Not saying it's the perfect viewer, just that bloated monstrosities like Acrob

  • by NettiWelho ( 1147351 ) on Friday August 30, 2019 @08:13PM (#59142810)
    I am sorry, what? Why would I log into a PDF reader? Why does PDF reader software need accounts?
    • Comment removed based on user account deletion
    • read the summary. the website was hacked, not the reader itself

    • Re: (Score:1, Informative)

      by Mononymous ( 6156676 )

      Because people are still using proprietary software. No idea why, really.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Many scummy companies are doing this. I recently picked up a Bluetooth padlock because I saw it at the shop and it was only a few bucks, so I decided to check it out. Turns out that in order to use it you have to not only create an account on their server but the app for it *requires* all sorts of ridiculous permissions like network, contacts, location and camera just to run, and it has to be able to phone home every time you want to unlock the thing or it just won't unlock via Bluetooth (you're SOL if your

      • by tlhIngan ( 30335 )

        Many scummy companies are doing this. I recently picked up a Bluetooth padlock because I saw it at the shop and it was only a few bucks, so I decided to check it out. Turns out that in order to use it you have to not only create an account on their server but the app for it *requires* all sorts of ridiculous permissions like network, contacts, location and camera just to run, and it has to be able to phone home every time you want to unlock the thing or it just won't unlock via Bluetooth (you're SOL if your

  • Parted ways with Adobe back when they switched to the pay the monthly vig method of renting their product to me. Doubt other companies would be so upfront and instant in admitting a data breach. In a world where people use social media that is constantly leeching their data to other parts of the globe.

The sooner all the animals are extinct, the sooner we'll find their money. - Ed Bluestone

Working...