Envato Investigates Cyber Attack Claims: No Evidence Found Yet
Australian digital asset and creative resource platform, Envato, is currently looking into recent allegations of a cyber attack but has not uncovered any signs of a breach thus far. This situation has raised concerns among users regarding the security of their information.
Overview of Envato
Founded in 2006 and based in Melbourne, Envato has established itself as a go-to platform providing a diverse range of creative assets. It serves creatives across the globe, offering resources such as photos, videos, fonts, templates, 3D models, and AI-generated media through a subscription model. Envato’s user base extends to various regions, including Australia, New Zealand, the United States, Mexico, and Vietnam.
Allegations of Data Theft
On June 24, reports from Cyber Daily highlighted claims made by a hacker who goes by the pseudonym “WISDOM.” This individual alleged a significant breach involving Envato’s API, claiming to have stolen 11 million email addresses from the platform. The hacker announced their intentions to sell this data for $2,500 per copy on a Russian dark web forum, asserting they would limit sales to only two buyers and provide a sample to serious inquiries.
Envato’s Response
When approached for comment, Envato’s representatives stated that they are actively investigating these claims. A spokesperson assured, “While we are aware of recent claims suggesting unauthorized access to Envato data, we are urgently evaluating the situation. At this time, we have found no evidence of a data breach affecting Envato.”
The company emphasized that protecting user data remains their highest priority. However, as of now, it remains uncertain if any of the alleged information has actually been sold.
Potential Risks of the Alleged Breach
Although the claims focus on email addresses, the implications of such a breach could be severe. Cybercriminals can leverage stolen email addresses for phishing attempts. By masquerading as Envato officials, they may try to extract further personal information or financial data from unsuspecting users.
Another angle to consider is that the hacker may be inflating the incident’s severity. There’s a possibility that the data being touted could stem from previous breaches or even be entirely fabricated, casting doubt on the authenticity of the claims.
Future Developments
At this stage, Envato has not made any comprehensive public statements regarding the incident. However, stakeholders within the company are prepared to act if credible evidence arises during their ongoing investigation.
The situation is dynamic, and Cyber Daily will remain vigilant in providing updates as new information comes to light. As discussions unfold, the tech community and Envato users are likely to keep a close watch on developments relating to this claim.
