What Happened: The Lumin PDF Breach
In recent years, we’ve been increasingly reading news about information leaks from popular internet resources. Most often, these situations occur with cloud storage.
For one thing, cloud storage has become popular, since it is a convenient platform for storing and syncing files in one place from different devices.
However, what about the security of such services? Is it safe to use them? Do you remember a massive data leak from Dropbox or a bug in the functioning of iCloud?
In the article Is Dropbox Private and Safe to Use? we’ve discussed in detail the issue of security using this platform.
Not so long ago, the net was stirred up by a report about a Lumin PDF breach. After ZDNet reported that the data of millions of users had been published on a hacker forum, no one was left in any doubt that Lumin is not the most secure platform for reading PDF files.
Now that some time has passed, our team has decided to analyze this situation again and address the question: is it safe to use Lumin or not? In addition, let’s explore whether PDF files can contain viruses.
We’ve prepared a list of malware types. If you want to understand them and how to prevent them, read more here.
What is Lumin?
Lumin PDF is a special platform that allows users to download, view and make changes to various PDF files using a browser. Lumin has many built-in tools for working with PDF files: you can select the necessary parts of the document, edit, delete, underline, add pictures or draw patterns, and add captions or comments to certain paragraphs.
This platform began to gain popularity after its promotion by Google. Lumin was chosen as a third-party application for using PDF files when working with documents on Google Drive. To do this, you need to get permission to connect to a specific user account. After that, the user can work with the PDF documents in Lumin as necessary.
Despite the positive side of this platform, which makes it easier to work with Google documents, there are still negative aspects. For example, the platform cannot guarantee data confidentiality and protect the account from external threats. One of these bad situations happened in 2019.
Lumin PDF breach: What happened?
Based on data published by ZDNet, more than 24 million users’ data was stolen and posted on a hacker forum. All data was contained in a CSV file.
The most interesting thing is that the ZDNet insider contacted Lumin several times to warn about the vulnerability and possible data leakage. However, the company ignored his requests and did not change anything to improve security.
The hacker who published the data claimed that Lumin stored and sorted this information in an online MongoDB database that had no password set for authorization. Therefore, anyone who knew how to use a computer could access the data in very little time.
Any personal information that becomes available on the internet is a source of earnings for hackers.
After the leak, ZDNet turned to the company and Google for any comments on this matter. According to one of the company’s directors, the access tokens that the hackers acquired were already expired, so they could not access any user information.
So, the vital data that was hacked in this case was Google access tokens and hashed passwords. The main danger of such a leak is the risk that these passwords and other confidential information can be used to gain access to other services which use the same data for authentication.
Therefore, it is important to remember that using the same passwords for different services is dangerous.
If you’re still doing this, it’s time to pause and change your passwords on all your services. After that, we’ll continue.
As a rule, most cases of data leakage occur after a successfully planned cyberattack. This can be either a Trojan or the use of a phishing site that will ask you for all the necessary data to gain access to your email or other service.
To avoid a cyberattack, you need to test and update your security system constantly.
How did Lumin improve the security system?
The good news is that after this Lumin PDF breach, the platform decided to improve its security system and did the following things:
- It improved access control. Now, to get access to the files, you need to pass a strict check for the data’s authenticity. In addition, measures have been taken to narrow access control. TLS is widely considered superior to other encryption types because it uses two types of encryption together: asymmetric (public/private key) and symmetric. Doubly secure, it is able to send sensitive data safely.
- It switched to multi-level encryption to protect data.
- It added a round-the-clock system audit. Now, Lumin monitors suspicious activity on the platform continuously. If any deviations from the normal operation are detected, the system notifies the security system, which takes the necessary actions to prevent attacks.
- It implemented enhanced firewall protection for Lumin PDF servers and databases.
Can a PDF have a virus?
Let’s agree it would be foolish to put blame only on the Lumin security system. After all, hackers can create various viruses and programs that will bypass all protective measures. For example, the virus may already be contained in a PDF file that you want to open with Lumin or any other program.
One of the most effective ways to prevent a virus from getting through in a file is to scan the document. As a rule, Google Drive has a built-in document scanner to check for viruses in the transmitted files.
In addition, most antivirus programs installed on your computer can automatically scan any document for viruses. This can be done by finding the menu, selecting the function, and confirming the actions.
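To show what scanning a PDF involves, here is an added example (not part of the original article and not how Google Drive or any particular antivirus works): a first-pass triage that counts the PDF name tokens associated with active content, such as scripts or automatic actions. The two sample documents are constructed and contain no real script.

```python
import re

# PDF dictionary keys that indicate active or embedded content.
RISKY = ("/JavaScript", "/JS", "/OpenAction", "/AA", "/Launch", "/EmbeddedFile")
# A PDF name is "/" followed by characters up to whitespace or a delimiter.
NAME = re.compile(rb"/[^\s/<>\[\]()%{}]+")

def decode_name(raw):
    """Undo #xx hex escapes, which PDF allows inside names (/J#61vaScript)."""
    unescaped = re.sub(rb"#([0-9A-Fa-f]{2})",
                       lambda m: bytes([int(m.group(1), 16)]), raw)
    return unescaped.decode("latin-1")

def triage_pdf(data):
    """Count risky names in the raw bytes of a PDF.

    Limitation: names stored inside compressed streams are not visible
    to this check, so an empty result is not proof that a file is clean.
    """
    if not data.lstrip().startswith(b"%PDF-"):
        raise ValueError("not a PDF file")
    counts = {}
    for match in NAME.finditer(data):
        name = decode_name(match.group())
        if name in RISKY:
            counts[name] = counts.get(name, 0) + 1
    return counts

# Constructed samples: a plain catalog, and one that runs an action on open.
CLEAN = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\n"
         b"endobj\n%%EOF\n")
ACTIVE = (b"%PDF-1.4\n1 0 obj\n"
          b"<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
          b"3 0 obj\n<< /S /J#61vaScript /JS (constructed placeholder) >>\n"
          b"endobj\n%%EOF\n")

if __name__ == "__main__":
    print("clean :", triage_pdf(CLEAN))
    print("active:", triage_pdf(ACTIVE))
```

A document that reports `/OpenAction` together with `/JavaScript` or `/Launch` deserves a full antivirus scan before it is opened in any viewer.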
Today, it is important to understand all the nuances of various malware. You can read about the difference between a virus and a worm here.