CutOut.Pro, a popular AI-powered photo and video editing platform, has recently fallen victim to a significant data breach, exposing the personal information of more than 20 million users. The breach was initially discovered by an individual using the pseudonym ‘KryptonZambie’ on the BreachForums hacking forum. This anonymous individual shared a link to CSV files containing a massive 5.93 GB of data allegedly stolen from CutOut.Pro.

The leaked data includes a plethora of sensitive personal information, such as user IDs, profile pictures, API access keys, account creation dates, email addresses, user IP addresses, mobile phone numbers, hashed and salted passwords, user types, and account statuses. The severity of this breach was further confirmed by the data breach monitoring and alerting service Have I Been Pwned (HIBP), which added the incident to its database, verifying that nearly 20 million individuals have been affected.

CutOut.Pro is well-known for its AI-driven tools that enhance images, remove backgrounds, colorize photos, restore old pictures, and generate content, making it a favored choice among users looking for advanced editing capabilities. Despite its popularity, the recent breach has raised significant concerns regarding the platform’s security measures and the potential risks to users’ privacy and online safety.

The individual responsible for the data leak, ‘KryptonZambie’, asserted that they still had access to the compromised system at the time of the breach, indicating that CutOut.Pro may not have been aware of the security compromise. This ongoing access raises alarm bells about the possibility of further data exfiltration or potential malicious activities using the stolen information.

In response to the breach, cybersecurity experts have advised CutOut.Pro users to immediately change their passwords on the platform and any other websites where they may have used the same login credentials. Since the passwords were hashed using the relatively weak MD5 algorithm, there is a real possibility that threat actors could attempt to crack the leaked password hashes.

Additionally, users are urged to stay vigilant for targeted phishing attacks that could exploit the exposed information to gather more personal data or deceive individuals into compromising their other online accounts. Despite the seriousness of the breach, CutOut.Pro has not yet issued an official statement acknowledging the security incident. This lack of transparency from the platform only adds to the concerns surrounding the breach and raises questions about the company’s handling of the situation.

As this story continues to develop, more updates will be provided as they become available. It is essential for users to stay informed about cybersecurity threats and take necessary precautions to safeguard their personal information online. Following cybersecurity news on platforms like LinkedIn and Twitter can provide valuable insights and tips to enhance online safety and security.

Source link