Monday, January 18, 12:59
Home security Edureka victim of infringement, 2 million users were affected

Edureka victim of infringement, 2 million users were affected

A serious data breach suffered the Indian startup Edureka, which resulted in the names, addresses and telephone numbers of more than 2 million users being exposed for more than a week.

Edureka

Cybersecurity experts working with SafetyDetectives, discovered for the first time the vulnerability on August 1st and following their protocol, they contacted Edureka on August 6th to inform her about the issue. However, when they did not receive a reply, they contacted the Indian Computer Emergency Response Team (CERT-In), the Indian authority involved in safety at cyberspace.

The SafetyDetectives report states that the vulnerability was detected on a company server that did not have the appropriate security. The SafetyDetectives research team, led by Anurag Sen, discovered 25 gigabytes of data, which contained more than 45 million compromised personal data files. As some of the files were duplicate, the number of users affected by the data breach is estimated at around 2 million, with most of them in the India and in countries such as USA.

Edureka confirmed that it had been notified of the breach on its server, but denied that its users' personal information had been breached.

Founded in 201, Edureka is an online learning platform that offers short-term courses as well as bachelor's degree courses in collaboration with educational institutions. The company server is hosted by Amazon Web Services.

SafetyDetectives' report on the Edureka server breach states that such incidents can seriously affect affected users, as they allow malicious agents to launch more sophisticated attacks targeting specific individuals.

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement

LIVE NEWS

00:02:01

Microsoft, Salesforce, Oracle are designing a digital vaccination passport

A Covid digital vaccination passport is being developed jointly by a team of health and technology companies, as well as governments, airlines and ...

Google removes Chrome Sync from third-party browsers

Google says it will block the use of private Google APIs by third-party Chromium web browsers after discovering that ...

Medical records of railway workers and drivers were leaked

UPS and Norfolk Southern are examining whether the medical records of employees were compromised, after the publication of health data of truck drivers and employees ...

Siemens: Product Vulnerabilities Allow Arbitrary Code Execution!

Last week, Siemens informed its customers that some of its product development solutions are affected by twelve vulnerabilities, the ...

DuckDuckGo: The focus on privacy has led to an increase in users

The DuckDuckGo search engine, which focuses on protecting users' privacy, has grown significantly, having managed to reach 102 million ...

WordPress: Vulnerabilities in Orbit Fox plugin allow download sites!

Security experts at Wordfence have discovered two vulnerabilities in WordPress' "Orbit Fox" plugin. It is a vulnerability of escalating privileges and a ...

BugTraq: The security mailing list closes 27 years later

One of the first mailing lists in the field of cyber security, dedicated to the announcement of vulnerabilities, BugTraq announced that it is closing its operation ...

The doxing site "Enemies of the People" is still active!

The doxing site "Enemies of the People" (EOTP), a site that encourages violence against US officials who refused to support ...

Joker's Stash: The largest illegal card forum is closing

The closure was announced by Joker's Stash, the largest forum for buying and selling stolen card data.

GDPR: Fine to a laptop seller for tracking employees

The data protection authority for the German state of Lower Saxony has fined, for violating the GDPR, a local ...