Skip to content
Cyber Breaches
Search
Data breachResolved

Udemy data breach (2026)

In April 2026, online training company Udemy was the victim of a “pay or leak” extortion attempt perpetrated by the ShinyHunters group. The data was subsequently leaked publicly and contained 1.4M unique email addresses belonging to customers and instructors.

Victim
Udemy
records
1.4M
SectorFinance

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2026-04-24, Udemy was affected by a data breach. Approximately 1,401,259 accounts were exposed. In April 2026, online training company Udemy was the victim of a “pay or leak” extortion attempt perpetrated by the ShinyHunters group. The data was subsequently leaked publicly and contained 1.4M unique email addresses belonging to customers and instructors.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Udemy
  2. udemy.comhttps://udemy.com

Related incidents

Data breachUnknown

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA — a French real-estate tokenization and fractional-investment fintech — up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim
ATOA
Records
23.7K