11 million Unacademy user accounts were hacked in January — and they are now up for sale on Dark Web

Flickr

  • According to cyber intelligence firm Cyble, the database of nearly 22 million learners on the edtech platform Unacademy was compromised in January 2020 and went up for sale on Dark Web a few days ago.
  • That includes professionals from Wipro, Infosys, Cognizant, Google and Facebook.
  • Unacademy confirmed Business Insider that database of 11 million learners was hacked — but no sensitive information was compromised.
  • The company is now conducting an aggressive background check for any loopholes or security threats.
The database of nearly 22 million learners on the edtech platform Unacademy was compromised in January 2020 and went up for sale on Dark Web a few days ago. That includes professionals from Wipro, Infosys, Cognizant, Google and Facebook.

According to a cybersecurity intelligence firm Cyble, these contacts were put up on sale for $2,000 on May 3. This includes account details such as username, email address, password, profile, and login location and timings.

While the startup confirmed Business Insider that the data breach happened, it said that no sensitive information was compromised. The database of 11 million learners was compromised, the company said.
Advertisement

‘’We have been closely monitoring the situation and can confirm that basic information related to around 11 million learners has been compromised. However, we would like to assure our learners that no sensitive information such as financial data, location or passwords has been breached,” said Hemesh Singh, Co- Founder and CTO, Unacademy.

The company is now conducting an aggressive background check for any loopholes or security threats.

“We follow stringent encryption methods using the PBKDF2 algorithm with a SHA256 hash, making it highly implausible for anyone to access the learner passwords. We also follow an OTP based login system that provides an additional layer of security to our learners. Data security and privacy of our learners is of utmost importance to us and we will be in communication with our learners to keep them updated on the progress,” Singh elaborated.
Advertisement

However, as per the cyber intelligence firm, the intruders have only leaked user account information as of now and the hackers might have more information with regard to these user accounts, adding that the registered learners should change their passwords immediately. The edtech startup has a user base of 10,000 educators and over 13 million learners.

Cyble, which also reported the data breach involving teleconferencing platform Zoom, claims that the database has details of 21,909,709 Unacademy users.

See also:
Advertisement
Meet the Indian on Facebook's oversight board which will police content on Facebook and Instagram
{{}}