In a recent development, the AI service Cutout.Pro has fallen victim to a significant data breach, resulting in the exposure of sensitive information belonging to 20 million users.
The compromised data includes email addresses, hashed and salted passwords, IP addresses, and names, causing widespread concern among the platform’s user base.
Cutout.Pro, known for its advanced photo and video editing capabilities—such as image enhancement, background removal, diffusion, colorizing, old photo restoration, and content generation—now faces the daunting task of addressing this major security lapse.
The breach came to light when an individual using the alias ‘KryptonZambie’ posted a link on the BreachForums hacking forum. The link led to CSV files containing 5.93 GB of stolen data from Cutout.Pro, with the database dump revealing 41.4 million records. Notably, 20 million of these records consist of unique email addresses.
Alarmingly, the cybercriminal behind the attack indicated that they still had access to Cutout.Pro’s system, suggesting that the breach had gone undetected by the company at the time of the data’s publication.
The exposed data includes a wide range of user information, such as user IDs and profile pictures, API access keys, account creation dates, email addresses, IP addresses, mobile phone numbers, hashed passwords with salts, user types, and account statuses.
The data breach monitoring and alerting service Have I Been Pwned (HIBP) confirmed the addition of this breach to its database, verifying that the leaked dataset contains information for approximately 19,972,829 individuals.
The threat actor has further exacerbated the situation by distributing the stolen files on their personal Telegram channel, leading to even wider dissemination.
Despite the gravity of the situation, Cutout.Pro has yet to release an official statement acknowledging the breach. However, Troy Hunt, the founder of HIBP, independently verified multiple matches from the leaked email addresses, confirming that password reset requests were successfully processed.
Dark Web, a platform that monitors such incidents, also confirmed that the emails listed in the data leak corresponded with legitimate Cutout.Pro users. Attempts to contact Cutout.Pro for a response have so far been unsuccessful.
Given the potential risks, it is highly recommended that anyone who has used Cutout.Pro reset their password immediately, not only on Cutout.Pro but also on any other platforms where the same credentials might be used.
The relatively weak security of MD5 password hashes, which are considered easy to crack by modern standards, underscores the urgency of this action. Additionally, Cutout.Pro users should remain vigilant against targeted phishing scams that may arise as a result of this breach, aiming to extract further information from affected individuals.