FBI investigating a hack on Canva’s database

- May 27, 2019

Australian design platform Canva’s customer database was attacked on Friday, with hackers stealing usernames and email addresses, as well as encrypted passwords.

Canva wrote to its customers on the weekend recommending they change their passwords as a precaution, while reassuring them that all user passwords were salted and hashed with bcrypt to make them unreadable by external parties.

Canva used by more than 15 million people

The Sydney-based tech startup, which recently raised US$70 million, valuing the business at US$2.5 billion (AU$3.6bn), has been used by more than 15 million people in 190 countries.

Canva’s head of communications, Liz McKenzie, said the company discovered the attack on its systems while it was underway on May 24.

“As soon as we were notified we immediately took steps to identify and remedy the cause and have reported the situation to authorities,” she said.

“As a precaution, we recommend changing your Canva password. If you use the same email and password on other sites you should change the passwords on those sites too.

“Our team is working around the clock to deal with this situation, and we really appreciate your support and understanding.

“We are very sorry for any concern or inconvenience this may cause.”

The FBI is helping to work out what happened

The business is working with the US Federal Bureau of Investigation (FBI) and a forensics team to diagnose what happened and put additional processes in place to help prevent another attack.

“We are committed to protecting the data and privacy of all of our users and will be implementing every possible safeguard to ensure this doesn’t happen again,” the company said.

It said logins via Facebook or Google are also encrypted and unreadable by external parties, so passwords on Facebook or Google don’t have to be changed.

The company said it did not find evidence that the hackers accessed user designs. It does not retain credit card information and transactions are encrypted, so credit card details were not compromised, it said.

Earlier this month Canva announced it had acquired stock photography sites Pexels and Pixabay for undisclosed sums, as well as launching Photos Unlimited, which CEO and founder Melanie Perkins described as a “Netflix-style” subscription site for “more affordable” paid stock photography.

This post originally appeared on Start Up Daily. 