Lumin PDF Users Data Leaked With Google Access Tokens- How To Disconnect from GDRIVE

ZDNET just reported that the data of 24.3 million Lumin PDF users were shared on a hacking forum. The names and email information were leaked but fortunately, the passwords were hashed with Bcrypt a fariley strong encryption algorithm. However, the Google Session Access tokens which allow you to stay connected through GDRIVE might be active. "Armed with these tokens you could run the risk of an account takeover. The ZDNET article points out “In the meantime, the most dangerous part of this leak is the presence of Google access tokens in the leaked data.”

These access tokens can allow malicious threat actors to pose as legitimate users and access Google Drive accounts. So you might want to revoke the automatic authorization in Google Drive

How to protect yourself

  • Go into your Google Drive Settings
  • Click on the gear at the right top dash and choose settings
  • From the left nav bar choose Manage Apps
  • Then choose to either uncheck “use by default” or in the options box next to it choose - disconnect from Drive

Featured Webinars


Advanced Phishing and
Training

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More
Gold/Platinum/Diamond
Features

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service