Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users.
Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.
Unacademy, one of the largest Indian online learning platforms suffered a data breach, and hackers are selling the account information for close to 22 million users. Experts from security firm Cyble Inc discovered that a threat actor is offering the user database, containing 21,909,707 records, for $2,000. The analysis of creation data for the records in the database revealed that the last creation date is January 26th, 2020, a circumstance that suggests that the hack took place in the same period.
Recently the company raised $110 million in funding from General Atlantic, Sequoia, and Facebook, it is evaluated more than $500 million.
Exposed records include usernames, hashed passwords (SHA-256), date joined, last login date, email addresses, first and last names, account profile (staff member/a superuser), account status (whether the account is active).
BleepingComputer contacted some Unacademy users and verified that the data is authentic.
Cyble attempted to report its discovery to Unacademy wihtout success.
According to BleepingComputer that reached the hackers they have stolen much more than just the user database.
Cyble pointed out that it has acquired the database and added the user records to its data breach monitoring service amibreached.com.
Unacademy users can use the service to determine whether their account was included in the dump.
The post Unacademy hacked, 22 million accounts offered for sale appeared first on Security Affairs.