Important Security Announcement
Beginning on August 16, 2018, Animoto began notifying its users about an issue that may involve their Animoto account information. We value our users’ privacy and, therefore, we want to provide the following details about the event, what data was involved, and the steps we’re taking to protect Animoto’s users’ information.
What Happened? On July 10, 2018, we received an alert of unusual activity on our system. We immediately stopped all suspicious activity and launched an investigation with the support of outside forensics experts. On August 6, 2018, we confirmed that the activity was unauthorized, and that user data may have been obtained. While we cannot confirm that data was removed from our systems or that any specific user’s information was affected, we wanted to let all our users know about this incident out of an abundance of caution.
What Information Was Involved? We determined that, as a result of the activity, data was accessed on July 10, 2018. The data may have included first name, last name, username (email address), hashed and salted passwords, geolocation, gender, and date of birth. While the passwords were hashed and salted (a method used to secure passwords with a key), it’s unclear whether or not the key was accessed. Complete payment card data was stored in a separate system and was not accessed. To date, Animoto has no evidence of any actual or attempted fraudulent misuse of information as a result of this incident.
What We Are Doing. We take this event, and the security of our users’ information, very seriously. We are reviewing our policies and procedures to better protect against an event like this from happening again in the future. In addition to working with third-party experts to conduct an investigation, we have notified law enforcement authorities and we continue to monitor for suspicious activity. We are examining ways to enhance overall network cyber threat detection at Animoto and continue to make enhancements to our systems to detect and prevent unauthorized access to user information, including rebuilding our infrastructure to make to it more secure.
What You Can Do. As an immediate precaution, we suggest all users change their Animoto passwords. If a user has the same or a similar password for other online accounts or email, we recommend users change those passwords or take other appropriate steps to protect those accounts or email addresses as well.
For More Information. If a user would like additional information or would like to connect with our team, just contact us at firstname.lastname@example.org. We’re always here to help.