Aussie startup darling Canva made it public that their user database had been compromised over the weekend.
The breach has resulted in the usernames, emails and passwords being compromised and the company asking users to change their password immediately via an email.
On May 24, we became aware of a security incident. As soon as we were notified, we immediately took steps to identify and remedy the cause, and have reported the situation to authorities (including the FBI)
Canva have advised the users were salted & hashed meaning they’re not immediately accessible had they been in plain-text but doesn’t make them bullet proof either.
Anyone who’s signed up for the online graphic design tool should take steps to update their details immediately.
Source: Canva Status