accelerated-mobile-pages domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121easy-digital-downloads domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edd_cfm domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edds domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121edd-recurring domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121Newsmag domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /www/cisomagcom_810/public/wp-includes/functions.php on line 6121The post Data Breach Affected 2Mn Users of Indian E-Learning Platform Edureka appeared first on CISO MAG | Cyber Security Magazine.
]]>The researchers found the vulnerability on August 1, 2020, with prominent security flaws. The leaky database was secured after SafetyDetectives reported the issue to the Indian Computer Emergency Response Team (CERT-In). The server, located in the U.S. and hosted by AWS, exposed more than 45 million records totaling to 27 gigabytes, including first names, email addresses, phone numbers, country of residence, login activity records, Auth token information, and courses/information users had accessed previously.
The data breach could impact users if the exposed information falls into the wrong hands. Cybercriminals could exploit the stolen personal information to launch various socially engineered attacks and phishing scams.
“Users’ contact details could be harnessed to conduct a wide variety of scams while personal information from the leak could be used to encourage click-throughs and malware downloads. Personal information is also used by hackers to build up rapport and trust, with a view of carrying out a larger magnitude intrusion in the future. With access to highly sensitive information, Edureka’s compromised server security could have been devastating to entire organizations such as other universities, companies, or government departments,” SafetyDetectives said.
There has been a surge in the usage of online learning platforms during the ongoing pandemic. In the recent past, hackers targeted multiple e-learning portals to steal users’ personal information. India-based online learning platform Unacademy also suffered a data breach that exposed details of 22 million users. Cybersecurity firm Cyble revealed that the unknown hackers kept 21,909,707 user records for sale at $2,000 on darknet forums. The compromised information included usernames, hashed passwords, date of joining, last login date, account status, email addresses, first and last names, and other account profile details. Earlier, a Spanish e-Learning platform 8Belts suffered a data breach that exposed personal data of over 100,000 e-learners across the globe.
The post Data Breach Affected 2Mn Users of Indian E-Learning Platform Edureka appeared first on CISO MAG | Cyber Security Magazine.
]]>The post Data Breach Affects PII of 1 Mn OneClass App Users Across North America appeared first on CISO MAG | Cyber Security Magazine.
]]>“By not securing its users’ data, OneClass has created a goldmine for criminal hackers, jeopardizing the privacy and security of over a million young people and their families,” the researchers said in a statement.
The exposed information included full names, schools and universities attended, email addresses, phone numbers, school and university course enrollment details and OneClass account details. It is estimated that around 8,972,251 student records may have been exposed in the data breach.
“OneClass users are very young – including minors – and will generally be unaware of most criminal schemes and frauds online. This makes them particularly vulnerable targets. It is also likely many of them use their parent’s credit cards to sign up, exposing their whole family to risk. It is also possible that some of the data belongs to minors, as OneClass includes resources for high school students and accepts users from 13 years old and above. Many records also included additional information on individual students and their courses, including faculty details and access to otherwise protected textbooks and question and answer exercises,” researchers added.
There has been a surge in the usage of online learning platforms during the ongoing pandemic. Hackers targeted multiple e-learning portals to steal users’ personal information. In a similar incident, India-based online learning platform Unacademy suffered a data breach that exposed details of 22 million users. Cybersecurity firm Cyble revealed that the unknown hackers kept 21,909,707 user records for sale at $2,000 on darknet forums. The compromised information included usernames, hashed passwords, date of joining, last login date, account status, email addresses, first and last names, and other account profile details. Earlier, a Spanish e-Learning platform 8Belts suffered a data breach that exposed personal data of over 100,000 e-learners across the globe. According to an investigation report, the 8Belts database was stored on a misconfigured Amazon Web Services (AWS) S3 bucket which resulted in the data leakage.
The post Data Breach Affects PII of 1 Mn OneClass App Users Across North America appeared first on CISO MAG | Cyber Security Magazine.
]]>