What Happened
In May 2017, Edmodo, a popular K-12 educational platform used by teachers, students, and parents for collaboration, suffered a major data breach when attackers exploited a vulnerability in its user database, stealing approximately 77 million user records (including 43.4 million unique email addresses, 76.6 million unique usernames, and bcrypt-hashed passwords). The stolen data quickly surfaced on hacking forums and dark web marketplaces like Hansa, where it was offered for sale for around $1,000, though exact breach mechanics were not publicly detailed. Edmodo responded by notifying users via email, hiring security experts, reporting to law enforcement, and recommending password changes, with an external audit confirming no plaintext passwords or school data were compromised. No other sensitive personal information was exposed, but the incident underscored risks in ed-tech, especially for minors.
