Cutout.Pro, an AI-powered image and video editing platform serving tens of millions of users globally, suffered a data breach in February 2024 after a misconfiguration exposed its internal database. A hacker obtained and leaked a 5.93 GB database directly on a public hacking forum and distributed it through Telegram channels. The exposed database contained over 41 million records tied to an estimated 20 million user accounts. The breach exposed names, email addresses, IP addresses, and hashed passwords. The passwords were protected with salted MD5 hashing, a relatively weak standard that determined attackers can crack with modern tools. For affected users, this combination of data creates real risk: exposed credentials can be tested against other accounts the person uses, and their email address and IP address can be used to craft convincing phishing attempts or identify their approximate location. Cutout.Pro did not make prominent public statements about the breach, and no formal notification to affected users has been widely documented. No regulatory action or class-action litigation specific to this incident has been reported. Users of the platform should treat their Cutout.Pro password as compromised, change it immediately, and update any other accounts where the same password was used. Because the platform handles personal photos and business design assets, affected users should also consider what images they may have uploaded and processed through the service.

AI visual-design platforms collect user accounts, uploaded images, project metadata, billing records, and usage activity tied to editing and generative design workflows.

Cutout.Pro continues to operate as an AI image processing platform. The market for AI-powered creative tools has become highly competitive. No major organizational changes have been prominently reported in public sources.