The world’s most popular education platform, an organization with an estimated 78 million members consisting of teachers and students from all over the world, suffered a massive data breach after being hacked by an unknown cyber-assailant.
Shortly after the breach, a large cache of stolen data was listed for sale on dark web marketplace Hansa Market, by a vendor under the alias “nclay.” Motherboard was the first to catch word of the data breach, and the first to verify a sample from the data dump listed for sale on dark web.
Premier K-12 Social Learning Network Globally
Edmodo is a world renowned K-12 teaching resource company created to provide coaching tools for teachers and students globally.
The website is frequented by professionals and learners looking to share educational content, such as quizzes and assignments, with fellow students and professionals.
It also provides a platform for like-minded people to communicate and to share ideas, according to their website.
The data dump that has been listed for sale on the dark web is said to contain the details of 77 million user accounts, according to nclay.
For verification purposes, breach notification website LeakBase availed to Motherboard a sample containing two million user account details from the breach. It contained a random mix of hashed passwords, usernames and email addresses.
The sample shows that, in addition to containing salts (a random string of characters meant to make passwords harder to crack), the passwords are secured using a strong bcrypt algorithm.
For the buyers of the data listed on the dark web, cracking the passwords will definitely not be a cakewalk.The sample also revealed that some of the stolen accounts did not contain the email addresses of their users.
However, every tested email address proved to be legitimately linked to an Edmodo account and as such, could not be used to create new user accounts on the K-12 teaching resource website.
LeakBase Provides Breakdown of Top Affected Domains
In a Twitter post, the for-profit breach notification site revealed that Edmodo users with Gmail email addresses were the hardest hit by the data breach as the domain made up for 19 percent of the total number of stolen accounts.
Going by the sample taken from the dark web listing, Hotmail domain name users made up for 10 percent of the accounts while Yahoo domain name users made up for 8 percent.
The dark web vendor is selling the entire cache of stolen data (around 77 million accounts) for $1,087.79 (0.64BTC) in a listing that first appeared on the dark web last month.
However, LeakBase estimates that only 40 million of the stolen accounts come with their linked email addresses.
Further verification of that claim is yet to be conducted, however.
Edmodo Marketing & Communications Exec Says User Privacy is of Utmost Importance
Mollie Carter, Edmodo’s VP of marketing and communications, responded shortly after the news of a dark web data breach was publicized, emphasizing the company’s dedication to protecting the privacy of its users.
Carter said that the company had reported the breach to the relevant authorities and hired security experts to look into it as well.
Despite the availability of the data cache on the dark web, the company is still not aware of any compromised user accounts on their site.
The deployment of additional security measures to avoid similar scenarios in the future is underway.
The email ended with an assurance that more information concerning the dark web hack will be availed as it surfaces.