- The exposed information included first name, last name, username, email addresses and more.
- Animoto has reported the issue to the California Attorney General and all its customers about the breach.
Popular video making service provider Animoto has disclosed a data breach that may have exposed the personal information of its customers. The exposed information included first name, last name, username, email addresses, hashed and salted passwords, geolocation, gender and date of birth.
However, Animoto claims that its users’ payment card data was not accessed as it was stored in a separate system. The firm discovered unusual activity on July 10, 2018, and quickly addressed the issue by blocking the all suspicious activities.
Animoto said that its launched an investigation, with the help of third-party forensic experts. On August 6, 2018, Animoto discovered that the detected unfamiliar activity was unauthorized and that user data may have been leaked on or around July 10.
22 million users likely impacted
Animoto is still unsure whether the data was stolen from their systems or whether any particular user information was affected. So far however, there is no evidence of any fraudulent misuse of Animoto’s user data as a result of the incident. The number of users impacted by the breach is unknown. However, the firm will be notifying all the 22 million users, TechCrunch reported.
Animoto has reported the issue to the California Attorney General and on August 16, 2018, the firm notified all its customers about the breach.The firm also changed passwords of all its employees and urged users to change their passwords immediately as well.
Animoto restricted user access to systems that are of significance. The firm also now continues to monitor its systems for suspicious activities to ensure that it can make the required security enhancements to better detect and prevent such unauthorized access of user data in the future.