Security Experts:

Connect with us

Hi, what are you looking for?



Over 328,000 Users Hit by Foxit Data Breach

PDF solutions provider Foxit last week informed customers that it had recently detected unauthorized access to data associated with its “My Account” service.

PDF solutions provider Foxit last week informed customers that it had recently detected unauthorized access to data associated with its “My Account” service.

The company told SecurityWeek that the incident impacted 328,549 users. The compromised data includes names, email addresses, passwords, phone numbers, company names, and IP addresses, but payment information was not exposed.

The My Account passwords of affected users have been reset and a security management firm has been called in to investigate the incident and help Foxit protect its systems against future attacks.

“Foxit has notified law enforcement agencies and data protection authorities and is destined to cooperate with the agencies’ investigations,” the company said.

My Account is a free service that Foxit customers can use to access software trial downloads, product registration information, order histories, and troubleshooting and support information. Foxit says this service stores names, email addresses, company names, phone numbers, and IPs, but payment information is not stored on the company’s systems.

“Customers that use their Foxit ‘My Account’ credentials on other websites or services are encouraged to change their passwords to prevent unauthorized access. Foxit also recommends customers to remain vigilant by reviewing account statements and monitoring credit reports to avoid identity theft. Customers should furthermore be aware that fraudsters may use their data to gather further information by deception (‘phishing’),” Foxit told customers.

Foxit says it has over 525 million users and claims to have sold its products to more than 100,000 customers across 200 countries.

Related: Citrix Completes Investigation into Data Breach

Related: Code Execution Flaws Patched in Foxit PDF Reader

Related: Foxit Reader Update Patches Over 100 Vulnerabilities

Related: OSIsoft Warns Employees, Contractors of Data Breach

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.