GnosticPlayers hacked the Canva graphic design service and stole the data of 139 million users

In February-March 2019, a hacker (or a group of hackers) hiding under the pseudonym GnosticPlayers put data on 863 million users up for sale on the Dream Market marketplace.

The dumps did not appear all at once but were split into four separate “lots”; in total they included information about users and customers of 38 companies. In April, GnosticPlayers returned with a fifth “collection” of user data, putting up for sale the data of another 65.5 million people, leaked from six different companies.

ZDNet reports that after a short silence the hacker resumed activity, this time claiming to have hacked the Australian graphic design service Canva, which ranks among the top 200 sites in the Alexa rating.

According to GnosticPlayers, he compromised Canva at the end of last week.

“I download everything up to May 17, they detected my breach and closed their database server,” the hacker said.

Nevertheless, the hacker managed to steal the data of 139 million people.

Stolen information included usernames, full names, email addresses, as well as data on the city and country of residence (if specified). In addition, the database had password hashes for 61 million users protected by bcrypt, as well as Google tokens that were used to access the site without a password.

ZDNet journalists received a “sample” of the database from the hacker: data on 18,816 accounts, including the accounts of some employees and site administrators. This data helped the publication confirm that the dump was authentic.

Sample of stolen Canva's data

ZDNet representatives contacted Canva employees, notifying them of the incident and asking for a comment.

“We securely store all of our passwords using the highest standards (individually salted and hashed with bcrypt) and have no evidence that any of our users’ credentials have been compromised. As a safeguard, we are encouraging our community to change their passwords as a precaution,” Canva said.

Nevertheless, Canva is carefully investigating the incident and recommends that users change their passwords as a precaution.

Meanwhile, with the Canva compromise, GnosticPlayers' tally stands at 45 hacked companies and the stolen data of over a billion users.

Canva is one of Australia’s biggest tech companies. Founded in 2012, the Canva website has become a favorite among regular users and large companies who often use it to build quick websites, design logos, or put together eye-catching marketing materials.

Three days ago, the company announced it raised $70 million in a Series-D funding round, and is now valued at a whopping $2.5 billion.


Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.
