Get compensation for the Canva data leak!

Intro

In 2019, Canva, a popular online graphic design platform, faced a massive data breach that impacted a staggering 139 million users worldwide. The perpetrator, known as GnosticPlayers, pilfered sensitive information, including passwords, email addresses, and real names. The aftermath unfolded with a dramatic exchange as GnosticPlayers reached out to ZDNet, divulging the breach details. Fast forward to 2020, Canva made a startling revelation, acknowledging the decryption of four million user passwords. The timeline unveils a narrative of cyber turmoil, prompting a closer look at the vulnerabilities within our digital landscapes.

The Canva Data Breach Explained

What Happened?

An estimated 139 million users were affected by the 2019 Canva data breach. The hacker, GnosticPlayers, stole the passwords, OAuth tokens, email addresses, real names, and addresses of millions of Canva users around the world. GnosticPlayers contacted ZDNet, a technology news site, who claimed they were able to download data before the servers closed. 

Seven months later, Canva released a statement about the Canva data leak on its website stating that the company was aware of the breach and that approximately four million Canva users’ passwords had been decrypted and shared online. 

Timeline

• 2020 (January): Canva became aware that approximately four million users’ passwords were decrypted on January 11, 2020.

• 2019 (May): ZDNet received a message from GnosticPlayers about the breach on May 24, 2019.

Will there be compensation?

It’s common for large-scale data breaches to result in compensation for affected individuals. The exact Canva settlement amount may vary based on factors like the user’s location and the extent of the data breach.

Legal Proceedings and Canva Settlement

The Australian-based design software company immediately took action to mitigate the breach. According to the hacker, and based on the message it sent to ZDNet, Canva was able to detect the breach and managed to shut down the database server.  

Despite the data compromise of the 4 million affected users, no legal action was initiated by the affected parties and no settlement has been reached yet. However, it is worth noting that the fact no lawsuit or any other financial litigation has been started does not mean that Canva is exempted from other legal consequences of this massive data breach. Legal actions and settlements may still unfold in the future. 

How to Claim Canva Compensation

If you want to get compensation for the data breach, you need to join a group lawsuit, also known as a class action. When you do this, you’ll work with a financial litigation partner who handles everything for you. That is us! Your task is just to apply and then wait to get money. 

Remunzo handles all the hard work. We set up the lawsuit and take the corporation to court for you. Corporations don’t want to pay money easily, but Remunzo will fight hard to get your settlement payout. When joining thousands of others in a lawsuit like this, the corporation is more likely to pay and the settlement payment amount per person i.e. how much will you get tends to be higher.

Remunzo will keep you updated about the settlement status. But you need to be patient because it can take months till the settlement payments are done and you get paid. 

Quickly check your eligibility and compensation amount with our simple data leak checker. In under 2 minutes, you’ll know how much money you can get and will be able to claim compensation. Give it a try!

Canva‘s Impact on Users

After the May 2019 Canva breach of privacy, the Australian tech giant quickly sent out emails and other forms of communications to its users to secure their accounts. In order for the users to comply, Canva required everyone to change their passwords before they could continue using the graphic design software.

Canva’s Response and Changes in Data Security

Seven months after the Canva privacy leak and after the company told users to change their passwords, Canva forcibly reset the passwords of those who had not done so after May 24, 2019. The company also partnered with password manager 1Password to offer Canva users a free year of service. 

The company, however, assured everyone that no credit card and debit card details had been compromised in the hacking incident. Though the company admitted that the hacker had viewed partial credit card and payment data, the tech giant stated it had found no evidence that these financial data had been stolen as well. This claim is substantiated by the company.

In the company’s statement, published on its website, Canva affirms that it continues to invest heavily in security. The company listed the following steps, which it started implementing in the aftermath of the event: 

“Notifying our users: We want our users to know that they’ve been affected. We’ve directly contacted users via email, but some users have out-of-date or incorrect email details so we have also used in-app notifications and the press to alert users to the breach. We are following up on our initial notification with individual emails to each user outlining what data was accessed.

Prompting users to change passwords: We’ve asked all users who had passwords set before the attack to change them, and are adding rules to help users set stronger ones.

Resetting OAuth tokens: We’ve worked with our partners to make sure all active login tokens that existed prior to the breach are reset. These users will be prompted to reconnect their Canva account.

Coordinating with partners: We are working with partner agencies to share information about the attack, identify the risk to users, and coordinate responses. For example, we’re alerting the email abuse teams of major providers to make it harder for attackers to phish our users.

Partnering with 1Password: While we recommend that our users use different passwords for each site they use, we know that’s hard. We have partnered with 1Password to offer a year free to Canva users who don’t already use their service.”

Future Implications and Impact on the Industry

Even though the IT company immediately shut down the database server after the Canva hack was detected, the decryption of over 4 million users’ passwords still put their users’ information in jeopardy. OAuth tokens, which were also part of the compromised tokens, may pose a problem as this authentication protocol allows a third party to interact with another app without requiring a password. 

This only highlights the importance of the 2-factor authentication enabled for all software and applications online. Famous and big tech companies are still open to cyberattacks. Encrypted passwords are vulnerable to being decrypted, as demonstrated by GnosticPlayers, who managed to decrypt 4 million passwords. It’s time that Canva offers a 2FA as users’ protection against account theft and, perhaps, better firewalls as a preventive measure against future breaches or unauthorized access attempts.

Other Famous Incidences of Privacy Breaches

Canva is not the only one who got its data stolen. Hundreds of other companies have faced or will face data breaches. Therefore, we strongly suggest using our Compensation Calculator. This tool will help you find out how many compensation claims you are eligible for and how much money you might get — and we can help you easily get it.

Deezer Data Breach 

Do you have Deezer? 🔥 Then you could be affected by Facebook data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our Calculator ➡️

LEARN MORE

Essure Lawsuit: Compensation for Affected Women 

Do you have Deezer? 🔥 Then you could be affected by Facebook data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our Calculator ➡️

LEARN MORE

Johnson & Johnson – Talc Powder Case 

Do you have Deezer? 🔥 Then you could be affected by Facebook data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our Calculator ➡️

LEARN MORE

Avast Privacy Breach

Do you have Avast antivirus? 🔥 Then you may have been affected by a data breach 👉 Get a settlement ✅ Check your claim with our claim calculator ➡️

LEARN MORE

APPLE Data Breach

Do you have Apple? 🔥 Then you could be affected by Apple data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Amazon Data Breach

Do you have Amazon? 🔥 Then you could be affected by Amazon data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

H&M Data Breach

Do you have H&M? 🔥 Then you could be affected by H&M data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Twitch Data Breach

Do you have Twitch? 🔥 Then you could be affected by Twitchdata leak 👉 Get compensation ✅ Check eligibility with our Data Breach Checker ➡️

LEARN MORE

Dropbox Data Breach

Do you have Dropbox? 🔥 Then you could be affected by Dropbox data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Adobe Data Breach

Do you have Adobe Creative Cloud? 🔥 Then you could be affected by Adobe data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

eBay Data Breach

Do you have eBay? 🔥 Then you could be affected by eBay data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Yahoo Data Breach

Do you have Yahoo? 🔥 Then you could be affected by Yahoo data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Marriott Data Breach

Do you know the Marriott? 🔥 Then you could be affected by Marriot data leak 👉 Get compensation ✅ Check eligibility with our Calculator ➡️

LEARN MORE

Facebook Data Breach

Do you have Facebook? 🔥 Then you could be affected by Facebook data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our Calculator ➡️

LEARN MORE

Google Data Breach

Do you use Google? 🔥 Then you could be affected by Google data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

WhatsApp Data Breach

Do you have WhatsApp? 🔥 Then you could be affected by WhatsApp data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our calculator ➡️

LEARN MORE

Uber Data Breach

Do you have Uber? 🔥 Then you could be affected by Uber data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Twitter Data Breach

Do you have Twitter/X? 🔥 Then you could be affected by Twitter/X data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

TikTok Data Breach

Do you have TikTok? 🔥 Then you could be affected by TikTok data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our calculator ➡️

LEARN MORE

T-Mobile Data Breach

Do you have T-Mobile? 🔥 Then you could be affected by T-Mobile data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Spotify Data Breach

Do you have Spotify? 🔥 Then you could be affected by Spotify data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Sony Data Breach

Do you have Sony? 🔥 Then you could be affected by Sony data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Instagram Data Breach

Do you have Instagram? 🔥 Then you could be affected by Instagram data leak 👉 Get up to €500 in settlement payout ✅ Check eligibility with our calculator ➡️

LEARN MORE

LinkedIn Data Breach

Do you have LinkedIn? 🔥 Then you could be affected by LinkedIn data leak 👉 Get compensation ✅ Check eligibility with our calculator ➡️

LEARN MORE

Conclusion

In conclusion, the 2019 Canva data breach affected millions worldwide, exposing sensitive user information. Canva took immediate steps to address the breach and enhanced security measures. Despite no legal actions or settlements yet, potential consequences for the company remain. Canva prioritizes user communication and password security, partnering with 1Password for additional protection. While financial data remained uncompromised, ongoing efforts reflect Canva’s commitment to safeguarding its users’ information and preventing future breaches.

Frequently Asked Questions

Sources

1. Christou L. Gnosticplayers: Why the hacker behind the Canva data breach boasted to the media. Verdict [Internet]. 2019 Jun 3; Available from: https://www.verdict.co.uk/canva-data-breach-gnosticplayers/ 
2. Dutta S. Decrypting Canva’s security breach that affected 139 million user accounts. Medium [Internet]. 2021 Dec 14; Available from: https://codeburst.io/inside-canvas-security-breach-that-affected-139-million-user-accounts-78467e315681 
3. Tucker J. Did Canva suffer a data breach? [Internet]. Canva Templates. 2023.  Available from: https://canvatemplates.com/did-canva-suffer-a-data-breach-what-happened/ 
4. All about Canva Data breach – IDStrong [Internet]. IDStrong. 2021. Available from: https://www.idstrong.com/sentinel/canva-data-breach/ 
5. Canva Security Incident – May 24 FAQs [Internet]. Canva. [cited 2024 Jan 16]. Available from: https://www.canva.com/help/incident-may24/