Canva

What Happened

In May 2019, the graphic design tool website Canva suffered a data breach that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords stored as bcrypt hashes for users not using social logins.

Compromised Data

Email addresses
Geographic locations
Names
Passwords
Usernames

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
Guardio

Take action after a breach — Guardio spots what’s still at risk and blocks phishing scams and new threats before they compromise your data or finances.

Try Guardio
Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    137.3 million

  • Breach Occurred:

    May 2019

  • Added to HIBP:

    9 Aug 2019

  • Attribution:

    JimScott.Sec@protonmail.com

Recommended Actions

Change Your Password

If you haven't changed your Canva password since 2019, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura