What Happened
In March 2021, specifically around March 14, Brazilian EdTech platform Descomplica suffered a major data breach when hackers gained unauthorized access to its user database and leaked nearly 4.9 million records on a hacking forum. The exposed data included email addresses (over 4.8 million unique), usernames, names, phone numbers, hashed passwords, purchase histories, and partial credit card details such as the first 6 and last 4 digits plus expiry dates for about 1.4 million cards, along with social media links and academic information like grades and enrollment history. Descomplica acknowledged the incident, noting passwords were encrypted and partial card data insufficient for misuse, and recommended users change passwords while investigating with authorities.
