The Australian technology unicorn company Canva announced its hacking last May 24, 2019. The security breach reveals the company lost 139 million user data.
According to ZD Net, the hacker named GnosticPlayers tipped off the website to the data breach. The notorious hacker was reportedly selling the data of more than 930 million users on the dark web.
The hacker downloaded user data up to May 17, 2019. Afterwards, the Canva system detected the breach in their security system, thus closing the database server. Some of the information obtained by the hacker from the website include usernames, real names, email addresses, city, and country.
The Financial Review reports that the hacker did not obtain credit card details or other financial information. However, the hacker acquired passwords of the users.
Founded in 2012, Canva claims that it has millions of users in 179 countries. As a web-design online service, users use the website for a variety of ways. ZD Net notes that it includes designing logos, building websites, and creating engaging promotional materials.
The major privacy leak that plagued Canva came days after obtaining series D funding amounting to $70 million. After the recent round of valuation, the Australian Financial Review’s Rich List featured two individuals from the business. This includes chief executive officer Melanie Perkins and co-founder Cliff Obrecht.
Yahoo! notes that the two individuals have an estimated fortune of $500 million each after the valuation.
Canva revealed that it became aware of the breach come May 24. The Financial Review notes that upon learning about the incident, the start-up reached out to cooperate with the authorities. It has reportedly talked with the Federal Bureau of Investigation.
The tech unicorn released a statement on their website. The company said it believes “protecting the data and privacy of all our users.” It also “believe[s] in open, transparent communication that puts our communities’ needs first.”
In the spirit of transparency, the statement mentions that the company uses the highest form of protection to store passwords. However, the business still urges users to change their passwords immediately to avoid compromised accounts.
Under the Public Eye
Despite issuing a statement to the public, the company went under fire for its initial email to users. Yahoo! reports that Dave Hall, an IT consultant, states that the email appears as a form of marketing tactic.
Following this, Canva issued another email to communicate the incident to its users.