udemy.comudemy.com data breach

udemy.comudemy.com

What Happened

In April 2026, online learning platform Udemy.com was targeted in a “pay or leak” extortion attempt by the ShinyHunters hacking group, who claimed to have stolen approximately 1.4 million records containing personally identifiable information (PII) of customers and instructors, including unique email addresses, names, physical addresses, phone numbers, employer details, job titles, and instructor payout methods such as PayPal, cheques, and bank transfers. The group publicly listed Udemy on their leak site around April 24, 2026, issuing a final warning with a payment deadline of April 27, 2026, before releasing the data after negotiations failed; it was added to Have I Been Pwned on April 26, 2026, confirming the exposure. Udemy had not issued an official statement at the time of reports, and the breach could enable phishing or vishing attacks by the group, known for targeting education platforms via social engineering and credential theft.

Compromised Assets

  • email
  • full name
  • phone

Check your company's
exposed credentials

Enter your work email to instantly access a free account
and see your company’s exposed credentials.

Related Breaches