Canva user data exposed in large scale hack

Canva user data exposed in large scale hack

Australian design tool Canva has been hacked, exposing sensitive user data.

Yesterday the startup confirmed a number of usernames and email addresses were accessed as part of the hack which occurred on Friday, May 24.

According to Canva, passwords were obtained in their encrypted form, meaning they remain unreadable for external parties.

Nevertheless, the tech startup has recommended users change their passwords as soon as possible.

Those who use Facebook or Google to log in to Canva are also not going to be impacted by the hack as those credentials are encrypted and unreadable by third parties.

READ MORE: Facebook confirms millions of passwords compromised

The company says no designs were accessed as part of the hack and no credit card or payment information was exposed as the company does not store that information.

"As soon as we became aware, Canva immediately took steps to determine the nature and scope of the problem, and alerted law enforcement," says Canva.

"We are working with a forensics team that specializes in these types of attacks and the FBI to diagnose exactly what happened and are putting processes in place to help prevent another attack.

"We are committed to protecting the data and privacy of all of our users and will be implementing every possible safeguard to ensure this doesn't happen again."

READ MORE: Meet the young CEO of a leading international cyber security firm

Canva recently completed a $100 million funding round, valuing the Aussie startup at $3.6 billion. This valuation came just days after it completed the acquisition of stock photo companies Pexels and Pixabay.

The Canva hack follows an expensive data breach of property valuer LandMark White earlier this year.

LandMark White says the breach, which led to the company being suspended from the Big Four bank panels for property valuations, has resulted in a loss of revenue of approximately $5-6 million.

Approximately a further $1 million of revenue is likely to be lost between now and the date of full reinstatement by the remaining financial institutions.

The data breach meant approximately 137,500 unique records and approximately 1,680 supporting documents were accessed, including property valuations and the personal contact information of some borrowers, lenders, homeowners, residents and property agents.

This data remained accessible on the dark web for 10 days.

READ MORE: LandMark White's data breach just the beginning for cyber criminals

Never miss a news update, subscribe here. Follow us on Facebook, LinkedIn, Instagram and Twitter.

Business News Australia

Get our daily business news

Sign up to our free email news updates.

Please tick to verify that you are not a robot

 
Unpacking equity: Finding your funding fit
Partner Content
Armed with a growing business and a great opportunity, a business owner’s next challe...
Australian Business Growth Fund
Advertisement

Related Stories

JB Hi-Fi faces class action over allegedly "worthless" warranties

JB Hi-Fi faces class action over allegedly "worthless" warranties

Maurice Blackburn Lawyers is seeking refunds for consumers who purc...

Respiratory tech group 4DMedical to acquire US-based Imbio for up to $68m

Respiratory tech group 4DMedical to acquire US-based Imbio for up to $68m

Respiratory imaging technology company 4DMedical (ASX: 4DX) is acqu...

Chemist Warehouse engineers $8.8b reverse takeover of Sigma Healthcare

Chemist Warehouse engineers $8.8b reverse takeover of Sigma Healthcare

Australia’s dominant pharmacy chain Chemist Warehouse Group i...

Neobank Volt enters solvent liquidation as wind down continues

Neobank Volt enters solvent liquidation as wind down continues

Numerous entities affiliated with failed neobank Volt have entered ...