Freepik photo sharing company discloses security breach impacting 8.3 million users

Freepik online site suffers SQL security breach

Freepik Company, a graphics resources company headquartered in Europe, recently notified approximately 8.3 million users of a security breach affecting two of its brands Freepik and Flaticon. The security breach was due to a SQL injection in Flaticon that allowed an attacker to get some user’s information from the company’s database.

Security Awareness Advocate with KnowBe4 James McQuiggan, Security Awareness Advocate with KnowBe4 said, “SQL Injection is the top item on the OWASP (Open Web Application Security Project) Top 10 list for protecting websites and website applications. The reason is that it's the most common attack and usually one of the first things that cybercriminals will try when attempting to breach a website.”

While Freepik Co. determined that a cyberattack extracted the email and, when available, the hash of the password of some of the users, it clarified that the hash of the password can’t be used to log into accounts.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.