ShinyHunters has claimed responsibility for a new data breach, this time targeting Udemy. The group alleges that it has accessed more than 1.4 million records, including personal user data and internal company information.
The claim surfaced on April 24, 2026, when the group posted a “Pay or Leak” message on its leak site. It has given Udemy a deadline of April 27, warning that the data will be made public if its demands are not met.
The message reportedly reads like a typical extortion threat, urging the company to act quickly or risk becoming the next major breach headline.
According to the group, the stolen data includes personally identifiable information (PII), internal corporate data, and potential access to sensitive systems or records. However, these claims are not yet independently verified, and Udemy has not confirmed the breach at the time of writing.
ShinyHunters is a well-known cybercriminal group that has been active since around 2019. It follows a “Pay or Leak” model, where attackers steal data and demand payment to prevent it from being released. The group gained attention in 2020 after claiming to have stolen over 200 million records from multiple companies.
As of now, Udemy has not released any official statement confirming or denying the breach. This means the situation is still developing, and the claims should be treated with caution.
Even though the breach is not confirmed, it is better to take precautions. Users and companies using Udemy should change their account passwords and enable multi-factor authentication if not already active. They should also watch for suspicious emails or login alerts.
If the breach is confirmed later, these steps can help reduce risk.
Related Posts
