Seems Udemy got hacked, but hasn't told anyone yet (feddit.online)

submitted 1 week ago by Jerry@feddit.online to c/cybersecurity@sh.itjust.works

8 comments fedilink hide all child comments

Received this email about Udemy having been hacked. Doesn't seem like Udemy feels any urgency in informing anyone.

Hi Jerry, an announcement has been made from Alexander, instructor of Elementor Mastery - Build Amazing Websites With Elementor, The Ultimate WordPress Boot Camp Course - Build 10 Websites and 1 more course.

Hi everyone,

I wanted to reach out directly about a security incident that affects this platform and may affect you.

On April 24, the threat group known as ShinyHunters added Udemy to their data leak site and issued a three-day deadline. The deadline passed on April 27, and the data has now been published. Have I Been Pwned has confirmed the leak contains approximately 1.4 million unique email addresses, along with names, physical addresses, phone numbers, employer information, and for instructors, payout method details (PayPal, cheque, bank transfer information).

As of this announcement, Udemy has not issued a public statement, has not responded to media inquiries, and has not directly notified affected users. I want to be transparent with you that this is the case, because you may not learn about it from Udemy itself.

What you should do right now:

Check your email address at haveibeenpwned.com to confirm whether your account is in the leaked dataset.

Change your Udemy password immediately, and change it anywhere else you may have reused that password.

Enable multi-factor authentication on your Udemy account if you have not already.

Be alert for targeted phishing emails over the coming weeks. Attackers will likely send messages referencing your course history, instructor name, or payout details to appear legitimate. Treat any unexpected email about your account, refunds, or payments with extra scrutiny.

If you are an instructor, monitor your linked payout accounts (PayPal, bank) closely for unusual activity.

I have published a video on my YouTube channel that walks through the breach in detail, explains how this attack pattern works, and covers each of these protective steps in depth. If you find this kind of breakdown useful, the link is below.

https://www.youtube.com/watch?v=Ycbeoibawp8

I will continue to update you here if Udemy issues a statement or if new information emerges. In the meantime, take the steps above and stay vigilant.

Stay safe,

Alex

you are viewing a single comment's thread
view the rest of the comments

[-] farmgineer@nord.pub 3 points 1 week ago

Hrm. I have a specific email address for udemy and it doesn't show up on haveibeenpwned so far.

this post was submitted on 28 Apr 2026

34 points (94.7% liked)

Cybersecurity

9926 readers

410 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social