Canva user data exposed in large scale hack

Canva user data exposed in large scale hack

Australian design tool Canva has been hacked, exposing sensitive user data.

Yesterday the startup confirmed a number of usernames and email addresses were accessed as part of the hack which occurred on Friday, May 24.

According to Canva, passwords were obtained in their encrypted form, meaning they remain unreadable for external parties.

Nevertheless, the tech startup has recommended users change their passwords as soon as possible.

Those who use Facebook or Google to log in to Canva are also not going to be impacted by the hack as those credentials are encrypted and unreadable by third parties.

READ MORE: Facebook confirms millions of passwords compromised

The company says no designs were accessed as part of the hack and no credit card or payment information was exposed as the company does not store that information.

"As soon as we became aware, Canva immediately took steps to determine the nature and scope of the problem, and alerted law enforcement," says Canva.

"We are working with a forensics team that specializes in these types of attacks and the FBI to diagnose exactly what happened and are putting processes in place to help prevent another attack.

"We are committed to protecting the data and privacy of all of our users and will be implementing every possible safeguard to ensure this doesn't happen again."

READ MORE: Meet the young CEO of a leading international cyber security firm

Canva recently completed a $100 million funding round, valuing the Aussie startup at $3.6 billion. This valuation came just days after it completed the acquisition of stock photo companies Pexels and Pixabay.

The Canva hack follows an expensive data breach of property valuer LandMark White earlier this year.

LandMark White says the breach, which led to the company being suspended from the Big Four bank panels for property valuations, has resulted in a loss of revenue of approximately $5-6 million.

Approximately a further $1 million of revenue is likely to be lost between now and the date of full reinstatement by the remaining financial institutions.

The data breach meant approximately 137,500 unique records and approximately 1,680 supporting documents were accessed, including property valuations and the personal contact information of some borrowers, lenders, homeowners, residents and property agents.

This data remained accessible on the dark web for 10 days.

READ MORE: LandMark White's data breach just the beginning for cyber criminals

Never miss a news update, subscribe here. Follow us on Facebook, LinkedIn, Instagram and Twitter.

Business News Australia

Help us deliver quality journalism to you.
As a free and independent news site providing daily updates
during a period of unprecedented challenges for businesses everywhere
we call on your support

How communications technology can raise the bar on customer service, employee experience
Partner Content
From capturing feedback early to providing messages with a higher rate of cut-through, ...
Advertisement

Related Stories

Microbio goes public as med-tech tackles condition that causes 11 million deaths per year

Microbio goes public as med-tech tackles condition that causes 11 million deaths per year

Brisbane-based medical technology company Microbio has stepped...

IT entrepreneur Christian Pacheco on the cusp of launching digital engineer Pia

IT entrepreneur Christian Pacheco on the cusp of launching digital engineer Pia

With its debt facility from a Big Four bank more than doubled to $6...

G'day space: Australia is "go" for launch

G'day space: Australia is "go" for launch

Just after midnight on Monday 27 June, above the vast wilderness of...

Insurance Council declares ongoing NSW floods a ‘significant event’

Insurance Council declares ongoing NSW floods a ‘significant event’

The Insurance Council of Australia (ICA) has activated its prelimin...