ShellCodeX Breach Report
Vedantu Data Breach
vedantu.com
Verified breach
Passwords exposed
Accounts exposed
686,899
Breach date
08 Jul 2019
Added to tracker
01 Nov 2019
Data classes
10
What happened
In mid-2019, the Indian interactive online tutoring platform Vedantu suffered a data breach which exposed the personal data of 687k users. The JSON formatted database dump exposed extensive personal information including email and IP address, names, phone numbers, genders and passwords stored as bcrypt hashes. When contacted about the incident, Vedantu advised that they were aware of the breach and were in the process of informing their customers.
Exposed data
Browser user agent details
Email addresses
Genders
IP addresses
Names
Passwords
Phone numbers
Spoken languages
Time zones
Website activity
Recommended actions
- Change your Vedantu password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Vedantu — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP