The leak did not happen all at once. It evolved in stages over several months and years:
The initial database intrusion occurred. Canva interrupted the attack mid-way and locked down their systems. Canva.com database leaked 24th May 2019.7z
Canva discovered that a list of 4 million decrypted passwords from the original breach had been shared online. The leak did not happen all at once
The hacker GnosticPlayers , infamous for high-profile breaches, claimed responsibility. Affected Accounts: Roughly 137 to 139 million subscribers . Stolen Data Types: Full names, usernames, and email addresses. Geographic data (cities and countries). infamous for high-profile breaches
Security reports indicated that the stolen data had resurfaced on the Dark Web, prompting renewed warnings for users who had not changed their reused passwords since the incident. Security Response and Mitigation