Data Breach Hits Famous Free Photos And Graphics Website Freepik

In a recent data breach, over 8.3M Freepik app users had their accounts accessed by unauthorized third-party actors. Read this post for the most recent Freepik news update and the dos and don’ts for victims.

What Happened?

The latest notification from Freepik and Flaticon to their wide userbase justifies why cybersecurity is important. Freepik and its sister website Flaticon have over 20M registered users coming to them for quality-rich free photos and design graphics. However, they underwent a significant website hack where the adversaries used SQL injection to access one of their databases.

SQL injection is one of the frequently used website hacking methods and has caused great inconvenience to the Freepik company and its users.


The internet was storming this week with social media posts from annoyed Freepik users who posted suspicious breach notification emails.

This Freepik news came in when the company started sending customized emails to all affected users. They have also posted a formal message confirming the authenticity of the user-received emails. Here is how Freepik users are at risk:

  • The attack led to a compromise of usernames and passwords belonging to 8.3 million registered Freepik and Flaticon users.
  • The Freepik hack incident hasn’t affected all of its users. While some users had their usernames and passwords compromised, others only were robbed of their email addresses, which cannot be used for much harm.
  • In the data breach, 4.5M federated logins (Google, Facebook, or Twitter) were affected, and 3.77M email addresses and hash passwords were accessed.
  • The passwords were hashed using bcrypt for 3.55M users and MD5 for the remaining 229K. These users received emails with links to change their passwords to something unguessable and unique.

What Has Freepik Done?

Although Freepik Flaticon authorities hadn’t disclosed when the attack took place or discovered it, they deployed security services and investigated the breach.

They are notifying all affected users and are hopeful to have things under control soon.

What Must Freepik And Flaticon Users Do?

All affected users must adopt data breach solutions and do the following things to ensure their safety:

  • Make it a point to change your account password to something secure with a combination of special characters, numbers, capital, and small letters.
  • Make sure not to repeat the same (or compromised password) for any of their other accounts online.
  • Have an efficient spam detection service so that they do not fall prey to some targeted phishing attack.
  • Lastly, users must change their passwords regularly to ensure long-term safety from any attacks like this, which continue to have repercussions long after they are resolved.

Final Words

Cyberattacks aren’t unusual anymore; what’s surprising is not being prepared to withstand one! Hence, every individual and corporation must take cybersecurity seriously and have a data backup and reliable security services.


Leave a Reply

Your email address will not be published. Required fields are marked *