A serious data breach suffered the Indian startup Edureka, which resulted in the names, addresses and telephone numbers of more than 2 million users being exposed for more than a week.
Cybersecurity experts working with SafetyDetectives, discovered for the first time the vulnerability on August 1st and following their protocol, they contacted Edureka on August 6th to inform her about the issue. However, when they did not receive a reply, they contacted the Indian Computer Emergency Response Team (CERT-In), the Indian authority involved in safety at cyberspace.
The SafetyDetectives report states that the vulnerability was detected on a company server that did not have the appropriate security. The SafetyDetectives research team, led by Anurag Sen, discovered 25 gigabytes of data, which contained more than 45 million compromised personal data files. As some of the files were duplicate, the number of users affected by the data breach is estimated at around 2 million, with most of them in the India and in countries such as USA.
Edureka confirmed that it had been notified of the breach on its server, but denied that its users' personal information had been breached.
Founded in 201, Edureka is an online learning platform that offers short-term courses as well as bachelor's degree courses in collaboration with educational institutions. The company server is hosted by Amazon Web Services.
SafetyDetectives' report on the Edureka server breach states that such incidents can seriously affect affected users, as they allow malicious agents to launch more sophisticated attacks targeting specific individuals.