Canva

In May 2019 the popular graphic design platform Canva suffered a massive data breach affecting approximately 137 million users. A hacker known as Gnosticplayers gained unauthorized access to the systems and exfiltrated a database containing sensitive user information. The compromised data included email addresses, full names, usernames, and geographic locations. Additionally, bcrypt hashed passwords were exposed for a large portion of the user base while others had their data linked to Google or Facebook tokens. Canva acknowledged the incident and forced a password reset for users who did not use social logins.