Around 2 million Edureka users’ records at risk due to database breach

Edureka is one of the known online education startups based in India, and its server is based in the US. As per the report of SafetyDetective, the largest antivirus review website, its security team has discovered a completely unsecured Elasticsearch server of the e-learning platform. The team, lead by Anurag Sen, found this vulnerability while routing IP-address checks on specific ports and figure out over 25GB of personal data was publicly available. Not sure about the exact number, but there were around 2 million Edureka users’ personal data, including first name, email address, phone number, country of residence, login activity records, and Miscellaneous Auth token information.

  • Credentials with Auth Values_TechnoSports.co.in
  • Server logs showing login activity_TechnoSports.co.in
  • Server logs showing user email address and user Auth values_TechnoSports.co.in

The SafetyDetective team spotted this vulnerability on 1st August and reached the Edureka team on 6th August to notify them. In addition to vulnerability, there were also some significant security flaws. As the platform didn’t respond, SafelyDetetive reached the Indian Computer Emergency Response Team (CERT-In) on 13th August.

The login activity details in the exposed data can be used in scams or even can be handed over to the commercial third parties. 2 million users’ data is not a small amount. Apart from these, the contact details – phone number and email addresses- can also be used in various kinds of fraud.

Do Check Out 👇🏼

TechnoSports 🔥 Stay Updated

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More like this

LATEST NEWS

Best 2GB/Day Recharge Plans in India: Jio vs Vi vs Airtel vs BSNL

With mobile data becoming an essential part of our daily lives, choosing the right prepaid recharge plan can be confusing. Major telecom providers—Jio, Vodafone...

ChatGPT Search: Now, No Sign-In Required in 2025

In a bold and exciting move, OpenAI has made its ChatGPT Search feature accessible to everyone without the need for an account. As of...

Oppo Find N5: A Crease-Free Foldable Revolution Coming Soon!

The Oppo Find N5 is creating quite a buzz in the foldable smartphone industry. Set to launch globally in the next two weeks, this...

The Recruit Season 2 Review: Gets Bigger, Better, and Intense

The Recruit Season 2 Review: Noah Centineo returns as Owen Hendricks in the second season of Netflix's show The Recruit, and this time, things...

Featured