Are You a Canva User? You Need to Read This…

Share on facebook
Share on google
Share on twitter
Share on email
I don’t rely on (or trust) links embedded into emails, or even websites when it comes to resetting passwords due to a hack. Start a new browser session and actually type in the address or use your verified safe bookmark.
canva hack
Canva is great tool for creating beautiful headers/banners/posters for social media or personal use, regardless of your graphic design skills. It has an easy to use interface and has all the essential features found in advanced design software to create stunning graphics. It’s an online “freemium” service that provides most of it’s features for free, with the option to use paid add-ons. Just register on their site, login and … Well, they got hacked. 139 million users had their data stolen. Stolen data included details such as customer usernames, real names, email addresses, and city & country information, where available. For 61 million users, password hashes were also present in the database. The passwords where hashed with the bcrypt algorithm, currently considered one of the most secure password-hashing algorithms around. For other users, the stolen information included Google tokens, which users had used to sign up for the site without setting a password. Google tokens expire and are renewed upon each login. Of the total 139 million users, 78 million users had a Gmail address associated with their Canva account. So basically, it’s time to login to your Canva account and change your password. I received an email from Canva informing me of the hack and they supplied a link for me to easily change my password.
Canva Hacked
I didn’t click any of those links. Why not? How do I know they are legitimate? I can hover my mouse over the link https://www.canva.com/account and see the actual URL which is completely different. The real link is some sort of code filled tracking mechanism. It doesn’t even start with https:// Call me paranoid, but if you just got hacked, maybe include a link in your apology email that doesn’t look like a hacker trying to “get me” again.
Looks legit... It actually is, but how would the average user know?
Looks legit… It actually is, but how would the average user know?
So I don’t rely on (or trust) links embedded into emails, or even websites when it comes to resetting passwords due to a hack. Start a new browser session and actually type in the address or use your verified safe bookmark. But you can use the link I provided above… it’s safe, I promise 😉… you didn’t right? You opened Chrome, Edge, Firefox, Opera or your preferred browser and typed in www.canva.com and then reset your password. Nicely done and it didn’t take that much longer, but was safer for sure. It is also best practice to change the password of any other services or accounts where you used the same username/password combination. Need some advice on usernames and passwords? I’ve written about that here.
betonicah

betonicah

We believe in honest hard work, which benefits both clients and us. There is no one size fits all solution, and it is our job to figure out the best possible solution for each unique scenario. From something as simple as fixing a smartphone setting to managing your small business computer network or creating/maintaining your online identity, betonicah’s personalized service and attention to detail are unmatched. Let’s see if we can work together.

Leave a Replay

About Us

We believe in honest hard work, which benefits both clients and us. There is no one size fits all solution, and it is our job to figure out the best possible solution for each unique scenario. From something as simple as fixing a smartphone setting to managing your small business computer network or creating/maintaining your online identity, betonicah’s personalized service and attention to detail are unmatched. Let’s see if we can work together.

Recent Posts

Follow Us

Sign up for our Newsletter

It doesn’t go out often, but when it does, it’s pretty good!

Scroll to Top