Have you ever used a service called Lumin PDF?
“In April 2019, the PDF management service Lumin PDF suffered a data breach. The breach wasn’t publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a MongoDB instance after which Lumin PDF was allegedly been “contacted multiple times, but ignored all the queries”. The exposed data included names, email addresses, genders, spoken language and either a bcrypt password hash or Google auth token. The data was provided to us via HIBP by a source who requested it be attributed to “JimScott.Sec@protonmail.com”.
Please take the following actions if you have ever used LuminPDF:
Change your password right away and do never use the same password twice (see my article on credential stuffing below)If you have ever connected your Google Account to Lumin PDF you also need to close this connection as it may not be secure anymore. In order to do this please follow these steps from your computer:
On your computer, go to drive.google.com.Click the cog (settings) icon in the top-right menu bar.Click the Settings option in the drop-down menu.Click Manage apps in the side-menuDo you see Lumin PDF in here?If you do see it, Next to the Name, click Options.Click Disconnect from Drive.
3. Send an email to Lumin PDF and let them know that you are aware of the breach and ask them to provide you with Identity protection and credit Monitoring services.
Please let me know if you need anything at all.
Max Roberts. Incognito Privacy care.