Foxit PDF Software users are urged to reset passwords due to data leak

Foxit data breach detected. Numerous users using My Account services have been involved

Foxit company experiences a breach incident according to which users need to change their security passwords

Foxit Software has recently experienced data breach involving its users and their personal data, including passwords.^[1] People who have been using its services have recently been urged to reset their passwords due to a breach that affected the company having 525 million users worldwide.

Foxit Software is mostly known for its Foxit PDF Reader and PhantonPDF services. Foxit Reader^[2] is a handy tool helping managing PDF documents in many ways – viewing, creating, editing, printing them and similar. The company is located in Fremont, California but also has some offices in other countries such as Berlin, Australia, Fuzhou, etc.

The organization itself has also released an official report claiming that immediate security actions have already been processed. Additionally, Foxit encouraged people to change passwords^[3] as it is a necessary step that should be taken by those who are using My Account users:

Foxit’s security team has immediately launched a digital forensics investigation. The company has invalidated the account passwords for all potentially impacted accounts, requiring users to reset their passwords to regain access to the My Account service.

No information about payments or credit card data has been revealed during the incident

Unrecognizable bad actors are known to have gained remote access to some systems of Foxit that included various personal information about its users. According to the company, hackers have managed to reach details such as:^[4]

• User names.
• Passwords.
• Emails.
• Mobile phone numbers.
• IPs.
• Etc.

Additionally, it is not known if the exposed passwords were properly protected.

However, there still is some good news at this point. The company claims that credit card information, various payment data, and other ID details remain safe and have not been touched by the incident as such type of data is not stored by Foxit:^[5]

The system holds users’ names, email addresses, company names, IP addresses, and phone numbers, but does not hold other personal identification data or payment card information. Foxit does not keep customer credit card information in its systems.

Foxit has been informing users about the breach and urging to be aware of bogus emails

Besides asking people to change their My Account passwords, Foxit Software has taken even more advanced actions towards this unpleasant incident. A strong security agency has been hired to deeply investigate and collect any valuable information about this data leakage.

Additionally, all possibly-infected users have already been informed directly by the company and people are urged to be careful regarding this breach incident as hackers might try to trick victims by sending them bogus emails with fake claims when the true goal is to collect revenue only.

Once a data breach like this one happens, details about the incident overflow the Internet rapidly. For example, exposures that have touched other worldwide companies such as Capital One^[6] still remain a scandal and are being discussed on the web sphere by many security researchers and specialists.

Some damage that might be brought by data leaking activities can be avoided if every company makes their users' security the first priority and pays a big amount of attention to keeping personal data safe and passwords hardy encodable.