Vedantu compromised details of 687,000 users

06.11.2019

Back to news

Companies keep dealing with consequences of unprotected databases stored in the cloud.

Vedantu, an interactive online tutoring platform in India for 11-18 years old students, compromised the data of 687,000 users. The personal details including names, emails, IP addresses, phone numbers, website activity were located in an unsecured MongoDB server.

User passwords weren’t visible in plaintext only because they were stored as bcrypt hashes.

The database leaked nearly 4 months ago and appeared on the forum and was shared by forum members.


12,000 unsecured databases were removed from MongoDB in May - Elasticsearch and MongoDB have hit the news multiple times this year. Monitor your data storages with the help of professional services.