Canva under cyber-attack, with reportedly as many as 139 million users affected

In a statement on the Canva website, the startup said it had notified the relevant authorities. “At Canva, we are committed to protecting the data and privacy of all our users and believe in open, transparent communication that puts our communities’ needs first,” the statement said. “On May 24, we became aware of a security incident. As soon as we were notified, we immediately took steps to identify and remedy the cause, and have reported the situation to authorities (including the FBI). “We’re aware that a number of our community’s usernames and email addresses have been accessed.” The statement also confirms that “hackers” are believed to be responsible for the security breach. ZDNet has reported that hacker organisation GnosticPlayers has claimed responsibility for the attack and that as many as 139 million users could be affected. Government agency the Australian Cyber Security Centre (ACSC) has confirmed that it has knowledge of the incident and is also advising users to change their passwords. Business Insider Australia understands that Canva proactively alerted the ACSC to the breach.