Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Data Breaches

Creative Software Maker Affinity Informs Customers of Forum Breach

UK-based creative software developer Affinity recently informed the 175,000 users of its forum of a data breach that occurred on April 6.

UK-based photo editing, graphic design and publishing software developer Affinity recently informed its forum members of a data breach that occurred on April 6.

The company said a hacker gained access to forum user data after compromising an administrator’s account. The attacker may have accessed information such as username, reputation, join date, post count, email addresses, and the last used IP address. 

While most of the compromised information is already public, the email address and IP are not, and this type of information can be useful to malicious actors for targeted phishing attacks. Affinity has warned forum users about the risk of phishing.

It’s unclear how many users had their data compromised, but the Affinity forum has nearly 175,000 members. 

Serif, the company that owns Affinity, said it’s confident that user passwords were not compromised in the breach.

“Please be reassured that any information accessed does not include any financial data, purchase history, physical addresses, phone numbers or anything else held within your main Affinity account / AffinityID. The forum is a standalone system which is completely separate from your Affinity account,” the company added. 

The Affinity forum data breach has been reported to the UK Information Commissioner’s Office (ICO) and steps have been taken to prevent such incidents in the future.

Advertisement. Scroll to continue reading.

It’s unclear how the administrator account was compromised, but in many of these types of incidents account hacking is possible because two-factor authentication has not been used.

Related: 400,000 Users Hit by Data Breach at Media Player Maker Kodi

Related: 4.8 Million Impacted by Data Breach at TMX Finance

Related: 500k Impacted by Data Breach at Debt Buyer NCB

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Data Breaches

A group of hackers has leaked Atlassian employee records and floorplans, information that was obtained from third-party workplace platform Envoy.

Data Breaches

AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor.


Instant Checkmate and TruthFinder have disclosed data breaches affecting a total of more than 20 million users.

Data Breaches

Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals.