Data Of 22 Mn Unacademy Users Available For Sale On Dark Web

Data Of 22 Mn Unacademy Users Available For Sale On Dark Web

SUMMARY

Unacademy says that around 11 Mn users have been compromised

Cyble said that the breach happened in January 2020

The hacker has said that further leaks are expected in the near future

Bengaluru-based Unacademy has found itself in the middle of a massive data breach. A report by cybersecurity firm Cyble found that a threat actor was selling Unacademy user database containing 20 Mn accounts for $2,000 on the dark web.

However, the company claimed that as per its internal investigations, email data of around 11 Mn users has been compromised as against 22 Mn stated in reports. “This is on account of only around 11 Mn email data of users available on the Unacademy platform,” said Hemesh Singh, cofounder and CTO, Unacademy.

Cyble said that on May 5 it discovered that a data breach took place in January 2020 and the hacker has now started to lead user accounts. But the hacker has claimed to have access to Unacademy’s entire database.

Data seen by Cyble

Cyble said that it has acquired the leaked database of 21.9 Mn Unacademy’s user account details like user ID, encrypted password, email address, date joined, last login among others.

“We have seen accounts/records with domain names from Infosys, TCS, Cognizant, Reliance Industries, TCS, HDFC, Accenture, ICICI, SBI, Canara Bank, Bank of Baroda, Punjab National Bank and several other large organisations,” Cyble said in its post.

Meanwhile, Singh said that the company was closely monitoring the situation and would like to assure its users that no sensitive information such as financial data or location has been breached.

Data seen by Cyble

“Data security and privacy protection of our users is of utmost importance to us and we are doing everything possible, to ensure no personal information is compromised. We follow stringent encryption methods using the PBKDF2 algorithm with a SHA256 hash, making it highly implausible for anyone to decrypt passwords. We also follow an OTP based login system that provides an additional layer of security to our users,” he added.

The company said that it is doing a complete background check and will be addressing any potential security loophole to further bolster its efforts of ensuring a far more robust security mechanism. “We are in communication with our users to keep them updated on the progress,” Singh added.

In a Twitter post, Unacademy CEO Gaurav Munjal advised users to change their password on other platforms if they were using the same password at multiple places. Founded in 2010 by Gaurav Munjal, Roman Saini, and Hemesh Singh, Unacademy had begun its journey with a free YouTube tutorial to teach students, but in 2015, the company started offering free learning in lessons on every possible topic in multiple languages.

Today, the company has more than 10K registered educators and 13 Mn learners. The company claims to have 100 Mn monthly views across its various platforms such as Unacademy, Unacademy Plus, Wifistudy, Chamomile Tea with Toppers, Unacademy Studios and The Solutionists.

Unacademy has raised more than $88.6 Mn from investors such as Facebook, Steadview Capital, Sequoia India, Nexus Venture Partners and Blume Ventures among others.

Government data reveals that in 2019 alone, India witnessed 3.94 Lakh instances of cybersecurity incidents. In terms of hacking of state and central government websites, CERT-In data shows that a total of 336 websites belonging to central ministries, departments and state governments were hacked between 2017 and 2019.

The Indian government was planning to unveil an official cybersecurity strategy policy in January 2020. Without an official policy, the government has taken disparate steps to boost cybersecurity and even announced grants for startups in this space.

According to Nasscom’s Data Security Council of India (DSCI) report 2019, India witnessed the second-highest number of cyberattacks in the world between 2016 and 2018. This comes at a time when digitisation of the Indian economy is predicted to result in a $435 Bn opportunity by 2025.

Update: May 8, 2020 | 12:28 PM

In a statement to Inc42 after the story was published, Accenture said, “Accenture has no professional relationship with Unacademy, and any implication or assertion otherwise is erroneous. Accenture has suffered no data breach or loss of any records or client information as a result of this incident.”

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Data Of 22 Mn Unacademy Users Available For Sale On Dark Web-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Data Of 22 Mn Unacademy Users Available For Sale On Dark Web-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Data Of 22 Mn Unacademy Users Available For Sale On Dark Web-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Data Of 22 Mn Unacademy Users Available For Sale On Dark Web-Inc42 Media
Data Of 22 Mn Unacademy Users Available For Sale On Dark Web-Inc42 Media
You’re in Good company