Canva

In May 2019, Australian tech unicorn Canva experienced a significant data breach affecting 137 million users. Despite having a user base of approximately 55 million active monthly users at the time, the breach far exceeded this figure. The cybercriminal, known as Gnosticplayers, gained access to usernames, real names, email addresses, country information, encrypted passwords, and partial credit card data. The breach was publicized when the hacker contacted ZDNet. Canva responded by prompting a password reset for affected accounts and enhancing their security measures.

Source: https://www.upguard.com/blog/biggest-data-breaches-australia

TPRM report: https://scoringcyber.rankiteo.com/company/canva

"id": "can420051124",
"linkid": "canva",
"type": "Ransomware",
"date": "05/2019",
"severity": "100",
"impact": "",
"explanation": "Attack with significant impact with customers' data leaks"

{'affected_entities': [{'customers_affected': '137 million',
                        'industry': 'Technology',
                        'location': 'Australia',
                        'name': 'Canva',
                        'type': 'Company'}],
 'data_breach': {'number_of_records_exposed': '137 million',
                 'personally_identifiable_information': ['usernames',
                                                         'real names',
                                                         'email addresses',
                                                         'country information'],
                 'type_of_data_compromised': ['usernames',
                                              'real names',
                                              'email addresses',
                                              'country information',
                                              'encrypted passwords',
                                              'partial credit card data']},
 'date_detected': 'May 2019',
 'date_publicly_disclosed': 'May 2019',
 'description': 'In May 2019, Australian tech unicorn Canva experienced a '
                'significant data breach affecting 137 million users. Despite '
                'having a user base of approximately 55 million active monthly '
                'users at the time, the breach far exceeded this figure. The '
                'cybercriminal, known as Gnosticplayers, gained access to '
                'usernames, real names, email addresses, country information, '
                'encrypted passwords, and partial credit card data. The breach '
                'was publicized when the hacker contacted ZDNet. Canva '
                'responded by prompting a password reset for affected accounts '
                'and enhancing their security measures.',
 'impact': {'data_compromised': ['usernames',
                                 'real names',
                                 'email addresses',
                                 'country information',
                                 'encrypted passwords',
                                 'partial credit card data']},
 'references': [{'source': 'ZDNet'}],
 'response': {'remediation_measures': ['password reset for affected accounts',
                                       'enhancing security measures']},
 'threat_actor': 'Gnosticplayers',
 'title': 'Canva Data Breach',
 'type': 'Data Breach'}

Canva

Young Consulting

IdeaLab

Cleo