Video making service provider Animoto has revealed a data breach that occurred on July 10 which compromised users’ personal information like names, dates of birth, and email addresses.
According to the official statement, on July 10, 2018, Animoto discovered and halted the unusual activity on its systems and reported to the law enforcement authorities for further investigation. From August 16, 2018, Animoto began notifying its users about the incident, after confirming the activity was unauthorized.
Based out in New York, Animoto offers cloud-based video creation services that generate video from photos, video clips, and music into video slideshows for social media sites.
The company stated that the compromised users’ data may have included first name, last name, username, email addresses, hashed and salted passwords, geolocation, gender, and date of birth. The officials stated it wasn’t clear if the hackers obtained the private key, which could be used to expose the passwords. Animoto also specified that the complete payment data was stored in a separate system and was not accessed.
To prevent the further loss, Animoto suggested its employees and users reset their passwords and reduced employees’ access to critical systems. The company is also reviewing its policies and procedures and examining ways to enhance overall network cyber threat detection at Animoto to detect and prevent unauthorized access to user information.