Lumin PDF

In April 2019 the PDF management service Lumin PDF suffered a major data breach due to a misconfigured MongoDB database. The incident remained unreported until September 2019 when a massive database containing information on 15.5 million users was shared on a popular hacking forum. The breach included sensitive user details such as full names and email addresses. Depending on the account type the leak also exposed Bcrypt hashed passwords or Google OAuth authentication tokens which allowed access to user accounts and integrated cloud storage services.