Packing batteries with more punch
Indian researchers are working on cells that can store more energy, last longer
A data breach has occurred at Bengaluru-based e-learning platform Edureka, impacting up to 2 million users, when its server was left publicly exposed without password protection, according to security research firm SafetyDetectives. On its part, the company said no sensitive personal information was exposed.
Almost all of the affected are based in India. The impact of this data breach on users could be severely compromising, both personally and professionally, the security firm, which posted the report today on its website, said.
“Our security team found more than 45 million records totalling 27 GB, including email addresses, full names and phone numbers, although, some records were duplicated,” it said.
Other potentially important information that was made publicly available includes details of login activity, including which courses or information users had accessed previously.
Login activity information could be used as part of more elaborate scams or deceitful practices such as selling of personal information to commercial third parties. For example, by knowing which courses or topics are most important to the user, malicious hackers could lure the user into a financial scam or sell the user’s contact details to other course providers, the security firm warned.
“Server logs did not indicate the precise number of users affected by the server vulnerability. However, according to our security team, the database contained about 2 million user records, although several entries were duplicated,” it said.
Users’ contact details could be harnessed to conduct a wide variety of scams while personal information from the leak could be used to encourage click-throughs and malware downloads. Personal information is also used by hackers to build up rapport and trust, with a view of carrying out a larger magnitude intrusion in the future.
When contacted, Edureka Co-founder and CEO Lovleen Bhatia, said: “We would like to inform you that we have stringent security policies in place and conduct regular security audits. Our infrastructure is on AWS and we rely on their security insights too. As per our initial investigation, no sensitive personal information of our users has been exposed”.
“Edureka is committed to privacy and protection of users' personal information and we ask our users to change their password from time to time from this perspective. Please note that we have adopted reasonable security practices and procedures designed to protect sensitive personal information from unauthorised access,” he added.
The SafetyDetectives team first discovered the Edureka vulnerability on August 1, while running routine IP address checks on specific ports. In line with its security protocols, SafetyDetectives attempted to contact Edureka on August 6, and brief the company of its findings. Failing to receive a response, the SafetyDetectives team reached out to the Indian Computer Emergency Response Team (CERT-In) on August 13, 2020, and the exposed Edureka server and data were secured soon after.
Indian researchers are working on cells that can store more energy, last longer
To fix a broken bone, doctors often harvest another bone from the patient’s body or from someone else. It ...
Superconductors from IIScScientists at IISc Bangalore have invented a device with a nanocrystal structure ...
Engineering and construction giant L&T has won a licence from the Council of Scientific & Industrial ...
Will a stock continue its current trend or will it reverse? We tell you how you can read chart patterns to ...
Sensex and Nifty 50 saw selling interest on Friday and slumped; selling pressure could continue
Investors with a long-term horizon can consider this offer
Most AMCs have been sending out cryptic e-mails. We tell you how to read between the lines
In these isolated times when people yearn for a slice of the familiar, amateur and professional chefs are ...
Forget the tuna. The island nation will keep you full and happy with coconut, koftas and jasmine
This year, on Facebook, I saw that someone had posted a list of EASY RESOLUTIONS. I didn’t copy them down but ...
With strokes of quirky humour, Partha Pratim Deb uses pulp, terracotta, glass and discarded cloth to create ...
Digital is becoming dominant media, but are companies and their ad agencies transforming fast enough to make a ...
Slow Network, promoted by journalist-lyricist Neelesh Misra, pushes rural products and experiences
How marketers can use the traditional exchange of festive wishes meaningfully
For Fortune, a brand celebrating its 20th anniversary, it was a rude shock to become the butt of social media ...
Three years after its inception, compliance with GST procedures remains a headache for exporters, job workers ...
Corporate social responsibility (CSR) initiatives of companies are altering the prospects for wooden toys of ...
Aequs Aerospace to create space for large-scale manufacture of toys at Koppal
And it has every reason to smile. Covid-19 has triggered a consumer shift towards branded products as ...
Please Email the Editor