Australian tech unicorn Canva suffers security breach
Canva, a Sydney-based startup that’s behind the eponymous graphic design service, was hacked earlier today, ZDNet has learned.
Data for roughly 139 million users has been taken during the breach, according to the hacker, who tipped off ZDNet.
Responsible for the breach is a hacker going online as GnosticPlayers. The hacker is infamous. Since February this year, he/she/they has put up for sale on the dark web the data of 932 million users, which he stole from 44 companies from all over the world.
Hack took place this morning
Today, the hacker contacted ZDNet about his latest hack, involving Australian tech unicorn Canva, which he said he breached just hours before, earlier this morning.
“I download everything up to May 17,” the hacker said. “They detected my breach and closed their database server.”
Stolen data included details such as customer usernames, real names, email addresses, and city & country information, where available.
For 61 million users, password hashes were also present in the database. The passwords where hashed with the bcrypt algorithm, currently considered one of the most secure password-hashing algorithms around.