Canva user data exposed in large scale hack

Canva user data exposed in large scale hack

Australian design tool Canva has been hacked, exposing sensitive user data.

Yesterday the startup confirmed a number of usernames and email addresses were accessed as part of the hack which occurred on Friday, May 24.

According to Canva, passwords were obtained in their encrypted form, meaning they remain unreadable for external parties.

Nevertheless, the tech startup has recommended users change their passwords as soon as possible.

Those who use Facebook or Google to log in to Canva are also not going to be impacted by the hack as those credentials are encrypted and unreadable by third parties.

READ MORE: Facebook confirms millions of passwords compromised

The company says no designs were accessed as part of the hack and no credit card or payment information was exposed as the company does not store that information.

"As soon as we became aware, Canva immediately took steps to determine the nature and scope of the problem, and alerted law enforcement," says Canva.

"We are working with a forensics team that specializes in these types of attacks and the FBI to diagnose exactly what happened and are putting processes in place to help prevent another attack.

"We are committed to protecting the data and privacy of all of our users and will be implementing every possible safeguard to ensure this doesn't happen again."

READ MORE: Meet the young CEO of a leading international cyber security firm

Canva recently completed a $100 million funding round, valuing the Aussie startup at $3.6 billion. This valuation came just days after it completed the acquisition of stock photo companies Pexels and Pixabay.

The Canva hack follows an expensive data breach of property valuer LandMark White earlier this year.

LandMark White says the breach, which led to the company being suspended from the Big Four bank panels for property valuations, has resulted in a loss of revenue of approximately $5-6 million.

Approximately a further $1 million of revenue is likely to be lost between now and the date of full reinstatement by the remaining financial institutions.

The data breach meant approximately 137,500 unique records and approximately 1,680 supporting documents were accessed, including property valuations and the personal contact information of some borrowers, lenders, homeowners, residents and property agents.

This data remained accessible on the dark web for 10 days.

READ MORE: LandMark White's data breach just the beginning for cyber criminals

Never miss a news update, subscribe here. Follow us on Facebook, LinkedIn, Instagram and Twitter.

Business News Australia

Help us deliver quality journalism to you.
As a free and independent news site providing daily updates
during a period of unprecedented challenges for businesses everywhere
we call on your support

Does your pay structure answer today's challenges?
Partner Content
If you are not reassessing how your organisation remunerates and rewards employees as a...
Aon
Advertisement

Related Stories

Solar champions Anson Zhang and Jeff Yu win Sydney Young Entrepreneur of the Year Award

Solar champions Anson Zhang and Jeff Yu win Sydney Young Entrepreneur of the Year Award

It was a case of third time's a charm last night for the founde...

ANZ sued by ASIC over alleged lending failures

ANZ sued by ASIC over alleged lending failures

One of the country’s largest banks is in the sights of the Au...

Robot bricklayer FBR to raise $10m for commercialisation

Robot bricklayer FBR to raise $10m for commercialisation

Perth-based robotic bricklaying technology company FBR (ASX: FBR) i...

The Sydney Young Entrepreneur Awards are back with a star-studded line-up tonight

The Sydney Young Entrepreneur Awards are back with a star-studded line-up tonight

Sydney is roaring back to its usual self tonight with finalists in ...