Massive Data Breach Exposes 20 Million Cutout.Pro Users' Information

Massive Data Breach Exposes 20 Million Cutout.Pro Users' Information
We may receive commissions for purchases made through links on our website. We appreciate your support.

Cutout.Pro, an AI-powered photo and video editing platform, has suffered a severe data breach compromising the personal data of over 20 million users. A cybercriminal using the alias "KryptonZambie" posted a link on the notorious BreachForums hacking site, sharing 5.93 GB of data stolen from Cutout.Pro's systems.

Here is what we know so far.

What the Leaked Data Includes

The leaked data includes a staggering 41.4 million records, with 20 million unique email addresses. The exposed information encompasses user IDs, profile pictures, API access keys, account creation dates, email addresses, IP addresses, mobile phone numbers, salted and hashed passwords, user types, and account statuses.

Troy Hunt, the founder of the renowned data breach monitoring service Have I Been Pwned (HIBP), confirmed the legitimacy of the breach, adding it to HIBP's catalog. Hunt independently verified multiple matches from the leaked email addresses, successfully triggering password reset requests.

Ongoing Access and Wide Distribution of Stolen Data

The cybercriminal behind the attack claims to still have access to Cutout.Pro's systems, indicating that the company may not have detected the compromise at the time the data was published.

attacker kryptonzambie leaking the data

Attacker KryptonZambie leaking the data. (Source: bleepingcomputer.com)

Another problem is that the attacker has been distributing the stolen files on their personal Telegram channel, causing widespread circulation of the sensitive data.

Cutout.Pro's Lack of Response

The company has not issued an official statement regarding the security incident as of yet, which is alarming considering how many users this breach has affected.

If you have ever used Cutout.Pro, we highly recommend that you reset all your passwords immediately. If you have used the same password on any other site, you should change that as well.

Don’t reply to any suspicious emails, especially ones that ask you for personal information. If you want more protection, we suggest using an antivirus such as TotalAV.

Importance of Cybersecurity and Data Protection

This massive data breach underscores the importance of robust cybersecurity measures and the need for companies to prioritize the protection of user data. Cutout.Pro's lack of response and handling of this incident will be closely scrutinized by the cybersecurity community and its user base.

If you have been affected, make sure you don’t give anyone your personal information.