According to a KVKK notification, a data breach occurred at Udemy Inc., a company providing online education and courses. The breach lasted for two days, from April 17 to April 18, 2026, and was detected more than a month later, on May 27, 2026.
The incident resulted from a voice phishing (vishing) attack targeting the account of one of the company’s employees.
During the short period in which the attacker had access to Udemy’s systems, they were able to access personal data and exfiltrate it from the system.
The breach affected approximately 12,000 current and prospective customers.
The compromised personal data included:
- Full name
- Phone number
- Email address
- Address information
Vishing in Corporate Attacks
Compromised user accounts may serve as an entry point for attacks on corporate networks. The Udemy incident demonstrates how voice phishing, or vishing, can lead to a data breach even when an attacker has access to internal resources for only a limited period of time.
Vishing is a social engineering technique in which attackers use phone calls and psychological pressure to obtain credentials, verification codes, or other confidential information. The development of AI technologies is making these attacks even more convincing, enabling fraudsters to imitate the voices of executives, colleagues, or contractor representatives with a high degree of accuracy.
Continuous employee training in cybersecurity awareness and social engineering tactics forms an enterprise’s primary operational defense. It helps reduce the risk of human error and increases employees’ vigilance when dealing with suspicious requests.
The second layer is related to implementation of specific technical tools for data protection. SearchInform DLP (Data Loss Prevention) system delivers this critical technical control. By continuously auditing data movement within the corporate network, the DLP system acts as a persistent barrier that automatically detects and blocks illicit and high-risk operations of data transfers, including transfer of sensitive data to third parties.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!