Lumin PDF
What was exposed
Auth tokensEmail addressesGendersNamesPasswordsSpoken languagesUsernames
What to do if you were affected
- Change your password for this account, and anywhere you reused it. Turn on two-factor authentication.
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In April 2019, the PDF management service Lumin PDF suffered a data breach . The breach wasn't publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a MongoDB instance after which Lumin PDF was allegedly been "contacted multiple times, but ignored all the queries". The exposed data included names, email addresses, genders, spoken language and either a bcrypt password hash or Google auth token.
Frequently asked questions
What is the Lumin PDF data breach?
In April 2019, the PDF management service Lumin PDF suffered a data breach . The breach wasn't publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a...
When did the data breach happen?
This data breach occurred around April 2019.
How many accounts were affected?
Around 15,453,048 accounts were affected.
What information was exposed?
Exposed data included Auth tokens, Email addresses, Genders, Names, Passwords, Spoken languages and Usernames.
What should I do if I was affected?
Change your password for this account, and anywhere you reused it. Turn on two-factor authentication. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches