Hacker GnosticPlayers, claims to have stolen data of 139 million Canva users, including customer usernames, real names, emails, and city and country information where available. 

The popular Sydney-based startup, Canva, specializes in graphic design services and is ranked #170 within the Alexa website traffic rank. The company just announced raising $70 Million in Series-D funding at a $2.5 billion valuation.

On a positive note, Canva stored salted and hashed passwords for 61 million users using the secure bcrypt algorithm, while 78 million used Google tokens to authenticate into the app --- all also retrieved by GnosticPlayers. Canva has encouraged password resets as a precaution to their users.

This attack is all a part of GnosticPlayers' goal to steal one billion user credentials, now achieved at 1,071 billion credentials from 45 companies.