Online learning platform, Unacademy, is the latest victim of a data breach. In all, 22 million accounts have been compromised.
Lately, it seems like hardly a day goes by without a noteworthy data breach occurring. The victim of the latest breach is Unacademy. In all, 22 million accounts have been compromised as result. Unacademy is India’s largest online learning platform.
From Bleeping Computers:
After recently raising $110 million in funding from General Atlantic, Sequoia and Facebook, Unacademy has a valuation of over $500 million.
On May 3rd, 2020, cyber intelligence company Cyble Inc. discovered that a threat actor had begun to sell an Unacademy user database containing 20 million accounts for $2,000.
While advertised as 20 million, the database contains a total of 21,909,707 user records.
These records include usernames, SHA-256 hashed passwords, date joined, last login date, email addresses, first and last names, and whether the account is active, a staff member, or a superuser.
After contacting numerous Unacademy users, BleepingComputer has verified that the data being sold is authentic and contains accurate information.
The last account created in the database is from January 26th, 2020, which indicates that the hacker most likely breached Unacademy’s systems around that time.
May is proving to be a particularly eventful month so far. This month started with the Webkinz data breach which saw 23 million accounts compromised. After that, high profile domain registrar, GoDaddy, also suffered from a data breach. Finally, most recently, we saw the Tokopedia data breach which saw 91 million accounts compromised. That last data breach, of course, sparked a lawsuit from the KKI which also saw the Indonesia Communications Ministry named. At this point, all we can do now is just wait for the next big leak or breach to occur as this seems to be a near daily thing these days.
Drew Wilson on Twitter: @icecube85 and Facebook.