Animoto Data Breach
Animoto Cloud Video Creation Platform Breach (2018): 22 Million User Accounts Including Passwords & DOB Exposed
Cloud-based video creation service.
Risk Interpretation
Primary risks include password reuse, account takeover, and phishing. Project and branding context may also support impersonation or business-targeted scams.
Impact & Downstream Threats
In July 2018 Animoto suffered a breach exposing approximately 25 million user records including email addresses, names, dates of birth, geographic locations, and salted password hashes. The data was subsequently placed for sale on dark web markets. Animoto notified affected users and initiated password resets. No class-action settlement or regulatory action specific to this breach has been prominently documented in public sources.
- Credential stuffing against reused passwords across other platforms
- Identity verification bypass using name + date of birth combination
- Targeted phishing campaigns using exposed email addresses
- Doxxing risk from physical address exposure
Threat Vectors
Breach Intelligence
Executive Summary
Animoto, a cloud-based video creation platform used by millions of consumers and small businesses, suffered a data breach in July 2018 due to a misconfiguration that exposed approximately 25 million user records. The breach was discovered to have resulted in stolen data being placed for sale on dark web markets. No external attacker group has been publicly attributed. The exposed data included email addresses, full names, dates of birth, geographic locations, and salted password hashes. That combination is particularly sensitive: dates of birth paired with passwords increase the risk of account takeover, and the profile is detailed enough to support targeted phishing or impersonation attacks against affected individuals and their businesses. Animoto notified affected users and forced password resets following the breach. No class-action settlement or regulatory enforcement action has been publicly documented in connection with this incident. Affected users who reused their Animoto password on other accounts remain at risk of credential-based attacks and should treat any account sharing that password as compromised.
About Animoto
Animoto is a cloud-based video creation service that allows users to produce slideshow-style videos from photos, video clips, and music. The platform serves both consumers and businesses and is used for social media content, marketing, and personal projects. It operates on a subscription model with free and paid tiers and has been used by millions of individuals and small businesses globally.
Why They Hold Your Data
Cloud-based creative platforms collect user accounts, emails, passwords, payment-adjacent data, and project-related records tied to video creation and publishing workflows.
Recent Developments
Animoto continues to operate as a video creation platform. The company has faced increasing competition from video creation tools embedded in social media platforms and broader design tools. No major organizational changes have been prominently reported in the recent period.
Data Points Exposed
Exposure Categories
Canonical Fields
date_of_birth, email_address, full_name, geographic_locations, password
Dark Web Verification
- Dataset containing ~25.4M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: animoto.com-2018;Animoto Data Breach
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Animoto
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam