Around 2 million Edureka users’ records at risk due to database breach

Edureka is one of the known online education startups based in India, and its server is based in the US. As per the report of SafetyDetective, the largest antivirus review website, its security team has discovered a completely unsecured Elasticsearch server of the e-learning platform. The team, lead by Anurag Sen, found this vulnerability while routing IP-address checks on specific ports and figure out over 25GB of personal data was publicly available. Not sure about the exact number, but there were around 2 million Edureka users’ personal data, including first name, email address, phone number, country of residence, login activity records, and Miscellaneous Auth token information.

  • Credentials with Auth Values_TechnoSports.co.in
  • Server logs showing login activity_TechnoSports.co.in
  • Server logs showing user email address and user Auth values_TechnoSports.co.in

The SafetyDetective team spotted this vulnerability on 1st August and reached the Edureka team on 6th August to notify them. In addition to vulnerability, there were also some significant security flaws. As the platform didn’t respond, SafelyDetetive reached the Indian Computer Emergency Response Team (CERT-In) on 13th August.

The login activity details in the exposed data can be used in scams or even can be handed over to the commercial third parties. 2 million users’ data is not a small amount. Apart from these, the contact details – phone number and email addresses- can also be used in various kinds of fraud.

Do Check Out 👇🏼

- Advertisement -720x200

TechnoSports 🔥 Stay Updated

Untitled-13
Anupam Modak
A CS Engineer and Tech Enthusiast who likes to fiddle with the latest gadgets and tech happenings around the world.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Articles

Stay Connected

13,642FansLike
354FollowersFollow
88FollowersFollow

Hot Topics

300x600

Latest Articles

Trending

Top 10 most valuable player in the world in 2021

Transfer window has reopened for the month of January already. CIES Football Observatory has released the list of most expensive players of the world. Here...

Upcoming smartphone launches in February/March 2021

There is a big number of smartphones are about to get launched in the month of February and March of 2021. Some of them...

Apple’s new 16-inch MacBook Pro might not get the M1X treatment

Apple will soon be launching its new MacBook Pro models which will be powered by the new silicon which the Cupertino giant is currently...

Games that you can still play with NVIDIA GT 710

Want to play games on your old rig? Do not have enough money? Here are the modern games that you can still play on...

Featured