Free Demo

Trending

Recognition:Cyble Recognized in Forrester’s External Threat Intelligence Service Providers Landscape, Q1 2026 Recognition:Cyble Recognized as 2026 Gartner® Peer Insights™ Strong Performer Report:Global Cybersecurity Report 2025 Report:Europe Threat Landscape Report 2025 Report:APAC Cyber Threat Landscape Report 2025 Report:North America Cyber Threat Landscape Report 2025 Report:META Threat Landscape Report 2025
Recognition:Cyble Recognized in Forrester’s External Threat Intelligence Service Providers Landscape, Q1 2026 Recognition:Cyble Recognized as 2026 Gartner® Peer Insights™ Strong Performer Report:Global Cybersecurity Report 2025 Report:Europe Threat Landscape Report 2025 Report:APAC Cyber Threat Landscape Report 2025 Report:North America Cyber Threat Landscape Report 2025 Report:META Threat Landscape Report 2025
ee-track">
Report:Global Cybersecurity Report 2025 Report:Europe Threat Landscape Report 2025 Report:APAC Cyber Threat Landscape Report 2025 Report:North America Cyber Threat Landscape Report 2025 Report:META Threat Landscape Report 2025 Recognition:Cyble Recognized as 2026 Gartner® Peer Insights™ Strong Performer Recognition:Cyble Recognized in Gartner® Hype Cycle™ 2025 Recognition:Cyble Named in Gartner® Hype Cycle™ for Managed IT Services 2025
Report:Global Cybersecurity Report 2025 Report:Europe Threat Landscape Report 2025 Report:APAC Cyber Threat Landscape Report 2025 Report:North America Cyber Threat Landscape Report 2025 Report:META Threat Landscape Report 2025 Recognition:Cyble Recognized as 2026 Gartner® Peer Insights™ Strong Performer Recognition:Cyble Recognized in Gartner® Hype Cycle™ 2025 Recognition:Cyble Named in Gartner® Hype Cycle™ for Managed IT Services 2025
HomeBlog
[Updated] Unacademy, India’s Largest Learning Platform Has Been Breached by Professional Hackers
Updated Unacademy India’s Largest Learning Platform Has Been Breached by Professional Hackers

[Updated] Unacademy, India’s Largest Learning Platform Has Been Breached by Professional Hackers

With around $200 million of funding amount, Unacademy which is India’s largest education platform based in Bangalore is changing the way to learn. In a span of 6 months, over 300,000 students have benefited from over 2,400 online lessons and specialized courses on cracking various competitive examinations, on our platform. They have onboard some of the top educators in the country. They originally started as a YouTube channel in 2010 by Gaurav Munjal. As a company, it was founded by Roman Saini, Gaurav Munjal, Hemesh Singh in 2015, and is headquartered in Bangalore. The company has a network of over 12,000 educators and offers preparation material for several professional and educational entrance exams. Unacademy lessons are in the form of free videos, and via subscription. 

As per one of the financial reports, Unacademy expects to earn annual revenue of around $300 million in the coming years. Big enterprises such as this should start emphasizing on their installed security mechanisms. For which the Cybersecurity Company not only holds the largest data breach monitoring search engine – amibreached.com that holds over 40 billion darkweb records, but has also come up with the vision to provide services which include enabling faster detection of cyber threats via Cyble Vision and providing clear visibility to third-party cyber threats and risks via their Third-Party Cyber Risk Intelligence Platform.

The fast-growing cybersecurity intelligence firm Cybersecurity Company identified and disclosed another major data breach. On May 3rd, 2020, Cybersecurity Company. discovered that a threat actor had begun to sell an Unacademy user database containing 20 million accounts for $2,000. Unacademy is India’s largest online learning platform. This data breach apparently took place in Jan 2020, and the perpetrator alleged that they have access to their entire database. However, they decided to only leak users account at this point in time, further leaks are expected in the near future. Below is the snapshot of the Unacademy accounts being posted for sale on darkweb.

Screen Shot 2020 05 05 at 3.15.19 pm

Cyble has also acquired the leaked database which approximately contains 22 million (21,909,709) Unacademy’s user account details. Following fields are available on the leaked data:

  • ID
  • Encrypted password
  • username
  • Email address
  • First Name
  • Last Name
  • Date Joined
  • Last Login
  • Is_Staff
  • Is_Active
  • Is_superuser

At this point, Cyble is unable to confirm who else might have access to this data. The threat actor also mentioned to Cyble researchers that the group is currently selling the user accounts only. They also claimed to have access to the entire databases of Unacademy, which might be in the darkweb market soon. Cyble team is continually monitoring the situation for any key developments.

Given the scale of this breach, it’s anticipated to affect other organisations as well potentially. Cybercriminals are always on the lookout for such breaches and utilise them for credential stuffing attacks. We have seen accounts/records with domain names from Infosys, TCS, Cognizant, Reliance Industries, TCS, HDFC, Accenture, ICICI, SBI, Canara Bank, Bank of Baroda, Punjab National Bank and several other large organisations. We welcome concerned organisations to get in touch with us to learn more. Alternatively, the concerned organisations can also get some information from our data breach monitoring platform, AmIBreached.com

report-ad-banner

We advise users to:

  • Change their Unacademy passwords immediately. 
  • Change passwords of any other account with a similar password pattern.
  • Implement multi-factor authentication where possible
  • Avoid using their corporate email addresses on third party services where possible
  • Closely monitor their financial transactions records to detect any anomalies
  • We also encourage people to register on amibreached.com and our social media channels (blog) to gain new information/updates regarding this attack, and many others we are tracking actively. 

Below is the snapshot of some of the user accounts details being leaked via this data breach attack-:

Update: On May 8, 2020, hackers have just released more data of the Unacademy for sale on the dark web market. On this instance, they leaked four SQL files which include Unacademy user’s data, Unacademy profiles data, Unacademy IP details, and Unacademy online quizzes questions and answers as shown below in the snapshot-:

Screen Shot 2020 05 08 at 4.40.14 pm 1

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.

Disclaimer: This blog is based on our research and the information available at the time of writing. It is for informational purposes only and does not constitute legal, financial, or professional advice. While we strive for accuracy, we do not guarantee the completeness or reliability of the content. If any sensitive information has been inadvertently included, please contact us for correction. Cyble is not responsible for any errors, omissions, or decisions made based on this content. Readers should verify findings and seek expert advice where necessary. All trademarks, logos, and third-party content belong to their respective owners and do not imply endorsement or affiliation. All content is presented “as is” without any guarantee that it is free of confidential, proprietary, or otherwise sensitive information. If you believe any portion of this content contains inadvertently shared or sensitive data, please contact us immediately so that we may address and rectify the issue. No Liability for Errors or Omissions Due to the dynamic nature of cyber threat activity, this [blog/report/article] may include partial, outdated, or otherwise incorrect information due to unverified sources, evolving security threats, or human error. We expressly disclaim any liability for errors or omissions or any potential consequences arising from the use, misuse, or reliance on this information.
why cyble

Get Threat Assessment Report

Identify External Threats Targeting Your Business​
Get My Report
Free
Cyble Vision
CISO's Guide to Threat Intelligence 2024

CISO’s Guide to Threat Intelligence 2024: Best Practices

Stay Ahead of Cyber Threats with Expert Insights and Strategies. Download Free E-Book Now

Stay informed

Subscribe to Cyble

Get the latest threat intelligence, research, and security updates straight to your inbox.

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams
Share the Post:

Related Posts

Scroll to Top