Australia’s hugely successful graphic design company Canva, which has more than 139 million users worldwide, has been hit by a major data breach.
The company on Friday reported an attack on its systems in progress, with hundreds of thousands of users’ usernames, e-mail addresses and passwords apparently being stolen – perhaps for later sale to interested parties. In some cases, users’ artwork was also stolen.

Canva CEO, Melanie Perkins
However, the company came in for a roasting from many users after it initially buried news of the break-in beneath a self-promoting blurb announcing “a beautiful new browse experience”
Since then the company has back-pedalled and been quite open revealing the overwhelming nature of the break-in – though actual number or value of the stolen material has so far not been revealed.
“On Friday, May 24, 2019, we discovered an in-progress attack on our systems. As soon as we were notified, we immediately took steps to identify and remedy the cause and have reported the situation to the relevant authorities (including the FBI and AFP), the company said.
Despite the huge nature of the theft, Canva maintains that credit card details or actual funds appear have been stolen. The company said it is working with a forensics team and the FBI ” to diagnose exactly what happened and are putting processes in place to help prevent another attack.”
The attack closely follows Canva’s raising of US$70 million in fresh capital, valuing the Sydney-based company at $3.6 billion.