Pixlr data breach

Pixlr

What Happened

In October 2020, online photo editing service Pixlr, owned by Inmagine (which also owns 123RF), suffered a data breach when threat actor ShinyHunters accessed an unsecured AWS S3 backup database, stealing 1.9 million user records that were leaked for free on a hacker forum in January 2021. The exposed data included email addresses, usernames/login names, SHA-512 hashed passwords, users’ countries, newsletter signup status, and in some reports names and social media profiles, enabling risks like phishing and credential stuffing. Pixlr confirmed the incident on January 22, 2021, noting it affected about 1.9 million registered users with no financial data compromised, and recommended password resets while implementing security fixes.

Compromised Assets

  • email

Check your company's
exposed credentials

Enter your work email to instantly access a free account
and see your company’s exposed credentials.

Related Breaches