Animoto
  • Total Records25,402,267
  • Unique Emails22,228,595
  • Unique Email Providers743,093
  • Unique First Names13,820,928

Animoto Data Breach: What Happened in July 2018?

In July 2018, Animoto, a popular cloud-based platform used for creating and sharing videos, suffered a significant data breach. This incident affected approximately 22 million users, exposing sensitive personal information including email addresses, full names, birthdates, countries of origin, and hashed password data. The breach was disclosed after unauthorized access to Animoto's user database was discovered, making it one of the more substantial online security events for creative services that year. The scale of the impact highlighted the importance of strong security measures in platforms handling extensive personal information, especially those catering to a global user base.

What Information Was Exposed?

The breach led to the compromise of a variety of user data. Specifically, the stolen records included:

  • Email addresses
  • First and last names
  • Full birthdates
  • Country of origin
  • Salted password hashes

Importantly, while password hashes were involved, they were not exposed in plain text, and salts were used to increase the difficulty of decoding the passwords. No payment information was reported to be part of the compromise.

How Many Users and Accounts Were Impacted?

It’s estimated that a total of 25,402,268 records were accessed by unauthorized parties. These records correspond to roughly 22 million unique users, making it one of the largest data exposures among video creation services at that time.

Timeline and Discovery

The security breach at Animoto took place in July 2018. Following the discovery, Animoto took steps to notify affected users and enhance their security protocols. The company initiated a password reset for impacted accounts and publicly disclosed the nature and scope of the compromised data soon after investigating the incident. This swift response played a role in limiting any potential long-term impact on affected user accounts.

Who Was Behind the Breach?

There have been no public disclosures identifying a specific actor or group responsible for the Animoto breach. As with many large-scale cyber incidents, attribution can be difficult, and the primary focus remained on securing the platform and informing users.

Frequently Asked Questions

What kind of data was leaked in the Animoto data breach?

The breach exposed user email addresses, first and last names, birthdates, countries of origin, and salted password hashes associated with Animoto accounts.

When did the Animoto breach happen?

The breach occurred in July 2018 and was reported shortly afterward once unauthorized access was detected and investigated.

How many users were affected by the Animoto breach?

Approximately 22 million user accounts, with a total of over 25 million records, were impacted by the Animoto breach.

What was Animoto's response to the data breach?

Animoto notified users, initiated password resets, and improved security protocols to protect against future incidents. Public and private communication with affected users began promptly after discovering the breach.

How can I check if I'm in the Animoto breach?

You can check if your information was part of the Animoto breach by utilizing the DeHashed search engine.