Freepik is a search engine that provides users with access to high-quality graphics resources, including images, vectors, illustrations, and the like. On Flaticon, users can find over 3 million vector icons in various file formats.
The attackers, Freepik Company explains, exploited an SQL injection vulnerability in Flaticon, which allowed them to access user information.
“[I]n our forensic analysis, we determined that an attacker extracted the email and, when available, the hash of the password of the oldest 8.3M users. To clarify, the hash of the password is not the password, and cannot be used to log into your account,” the company announced.