AI-Powered CutOut.Pro Data Breach Exposes PII of 20 Million Users
Hong Kong-based AI service platform, Cutout.Pro, suffered a massive data breach wherein personal information of nearly 20 million users was compromised.
The February 2024 breach exposed member information, including email and IP addresses, names, profile pictures, account creation and other details, mobile phone numbers, API access keys, and hashed and salted passwords. Thus, triggering security and privacy concerns.
In a February 27, advertisement posted on the notorious BreachForums hacking site, a user going by the alias ‘KryptonZambie’ claimed to have successfully breached the platform. The perpetrator shared a link to CSV files containing 5.93 GB of stolen data, including over 40 million records. The hacker further claimed to have access to the breached network system.
CutOut.Pro’s marketing department however, denied the data breach claims, labeling it as a ‘clear scam,’ reports Hackread. The company claimed to have “never received any emails from users stating that their accounts have been hacked or their information leaked.”
Data breach monitoring and alerting sites like, Hackread.com and Troy Hunt’s Have I Been Pwned (HIBP) independently verified the breached data, and their evidence proves the breach legitimacy.
Hackread verified 20 leaked email addresses by attempting to register on CutOut.Pro website, and it found accounts registered and in use for the said email addresses.
HIBP has also added the breach on its platform, confirming exposure of 19,972,829 user accounts.
Despite the company’s denial, both past and present CutOut.Pro users are advised to reset their passwords both on the platform and other websites where similar credentials have been used.
Furthermore, users should watch out for any suspicious activity linked to the online accounts and beware of targeted phishing attempts.
This is not the first time that CutOut.Pro users have had their data compromised. In early 2023, researchers at Cybernews discovered that the company’s open Elasticsearch servers leaked 9 GB worth of user data.
Founded in 2018, CutOut.Pro is an AI-powered platform that refines photos and video content.
Leave a Comment
Cancel