The Freepik Company has disclosed a data breach impacting the login information of more than 8 million Freepik and Flaticon users.
According to a press release, the security incident was the result of a SQL injection in Flaticon, one of the world’s largest databases of free customizable icons, that allowed attackers to exfiltrate user information.
“We immediately notified the competent authorities of the breach, and in our forensic analysis, we determined that an attacker extracted the email and, when available, the hash of the password of the oldest 8.3M users,” the company said.