Unacademy Hacked, 22Mil User Information for Sale

Unacademy is one of the largest online learning platforms in India. According to security firm Cyble Inc, a hacker is offering the user database which contains 21,909,707 records, for $2,000.

Recently Unacademy succeeded in raising as much as USD 110 million in funding from General Atlantic, Sequoia, and Facebook. The company’s value is evaluated more than USD 500 million.

- Advertisement -

WHAT TYPE OF DATA WHERE LEAKED

The breached records include

  • usernames,
  • hashed passwords (SHA-256),
  • date joined,
  • last login date,
  • email addresses,
  • first and last names,
  • account profile (staff member/a superuser),
  • account status (whether the account is active).

DATA BREACH CONFIRMED

Unacademy Co-Founder and CTO Hemesh Singh confirmed the data breach but added that all sensitive information of the learners is safe.

“We have been closely monitoring the situation and can confirm that basic information related to around 11 million learners has been compromised.

However, we would like to assure our learners that no sensitive information such as financial data, location, or passwords has been breached. We follow stringent encryption methods using the PBKDF2 algorithm with a SHA256 hash, making it highly implausible for anyone to access the learner passwords. W

we also follow an OTP based login system that provides an additional layer of security to our learners. We are doing a complete background check and will be addressing any potential security loophole to further our efforts of ensuring a robust security mechanism.

Data security and privacy of our learners is of utmost importance to us and we will be in communication with our learners to keep them updated on the progress,”

It must be noted that Unacademy recently raised a Series F round of funding of $110 million.

Key investors in the firm include Facebook, General Atlantic and Sequoia.

Exit mobile version