惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
L
LINUX DO - 最新话题
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Forbes - Security
Forbes - Security
博客园 - 司徒正美
Hugging Face - Blog
Hugging Face - Blog
W
WeLiveSecurity
Jina AI
Jina AI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
N
News and Events Feed by Topic
V
V2EX
Stack Overflow Blog
Stack Overflow Blog
Engineering at Meta
Engineering at Meta
PCI Perspectives
PCI Perspectives
Martin Fowler
Martin Fowler
T
The Exploit Database - CXSecurity.com
F
Full Disclosure
WordPress大学
WordPress大学
S
Security Affairs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
S
SegmentFault 最新的问题
P
Privacy International News Feed
IT之家
IT之家
M
MIT News - Artificial intelligence
G
GRAHAM CLULEY
Hacker News: Ask HN
Hacker News: Ask HN
D
DataBreaches.Net
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
Check Point Blog
美团技术团队
Security Latest
Security Latest
Cyberwarzone
Cyberwarzone
N
News and Events Feed by Topic
MyScale Blog
MyScale Blog
H
Help Net Security
宝玉的分享
宝玉的分享
The Hacker News
The Hacker News
The Last Watchdog
The Last Watchdog
The Cloudflare Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
爱范儿
爱范儿
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
I
Intezer
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
AI
AI
I
InfoQ
N
News | PayPal Newsroom
TaoSecurity Blog
TaoSecurity Blog

Consumer Insights

Qantas data breach started with a fake IT support call Lidl warns customers after data breach How to find out if your identity has been exposed by infostealers Texas breach exposes PII of 3 million hunting and fishing license customers Maine forced to take down data breach portal after fake notices filed with authorities Carnival breach exposes data of nearly 6 million people 7-Eleven data breach exposes data of 185,000 people UK Water Supplier Fined Nearly £1 Million After Hackers Roamed Networks for Almost 2 Years DAEMON Tools Lite breach prompts urgent update after malware-laced installer Instructure confirms breach; millions of Canvas users potentially impacted Stalkerware data leak exposes private screenshots linked to celebrities and influencers Rituals data breach exposes customer details Booking.com says breach exposed travelers’ data Basic-Fit data breach exposes member information across Europe Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data Lapsus$ claims AstraZeneca breach exposes code and credentials Aura data breach exposes 900,000 records after phishing attack Telus Digital data breach confirmed after ShinyHunters claims 1PB theft Was Your Data Exposed in the Latest Under Armour Breach? Here’s What You Should Do Breach at Tinder, Hinge and OkCupid exposes user data Europe Fines Big Tech €1.2 Billion under GDPR in 2025 European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data European Space Agency Confirms New Data Breach; Classified Info May Have Been Stolen Rainbow Six Siege Servers Offline After Massive Breach Floods Accounts with Billions of R6 Credits 21,000 Nissan Customers Exposed After Third-Party Server Breach Spotify Catalog Scraped, 300TB Music and Metadata Dumped via Torrent University of Sydney Confirms Data Breach Affecting Thousands Leroy Merlin Breach Alert: French Customers Notified After Cyberattack Exposes Personal Data CodeRED Emergency Alerts Disrupted Across US After Ransomware Breach
Hackers claim to have breached Udemy, stealing 1.4 million user records
Alina BÎZGĂ · 2026-04-27 · via Consumer Insights

Notorious hacking group ShinyHunters recently announced they had breached Udemy’s systems and exfiltrated a large dataset of user information.

Key takeaways:

  • Hackers claim to have stolen 1.4 million Udemy user records
  • The company has not confirmed the breach
  • Stolen information may include personal and internal data
  • Attackers are using a “pay or leak” extortion tactic
  • Users should update passwords, enable 2FA, and watch out for scams

What happened?

On April 24, 2026, the cybercriminal group ShinyHunters issued a “pay or leak” ultimatum, warning Udemy that they had breached their systems and that over 1.4 million records, including internal corporate data, would be made public if their demands were not met.

“Over 1.4M records containing PII and other internal corporate data have been compromised. Pay or Leak,” ShinyHunters said on their leak site. “This is a final warning to reach out by 27 Apr 2026 before we leak, along with several annoying (digital) problems that'll come your way. Make the right decision, don't be the next headline.”

What data was allegedly exposed?

According to Haveibeenpwned, the breach includes an extensive dataset. The reportedly compromised data may include:

  • Email addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Employers
  • Job titles
  • Payment method information

At the time of writing, the breach remains unconfirmed by Udemy.

If the data is legitimate, exposed information could be used in targeted phishing campaigns, credential stuffing attacks on other platforms, and account takeover attempts.

What should Udemy users do?

Even though the breach is still unconfirmed, it’s a good time to double-check your security.

Start with the basics and update your passwords. If you’ve used your Udemy password elsewhere, change it and don’t forget to enable 2FA, which adds an extra barrier that can stop many automated attacks.

Be cautious with incoming messages. Expect phishing attempts that reference courses, certificates, or account issues. Use free scam detection tools like Scamio and Link Checker to verify suspicious links before interacting.

And finally, keep an eye out for potentially exposed data. Services like Bitdefender Digital Identity Protection are designed for exactly this kind of situation.

Even if this breach claims turns out to be false, the service continuously monitor for your personal data across known leaks. If your information does surface in a confirmed breach, you’ll get real-time alerts and clear steps to secure your identity.