DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

DataCamp notifies users of hack, forces password reset

Posted on February 13, 2019 by Dissent

On February 11, DataCamp discovered that it had been hacked.  With thanks to “Russy” for sending this along, the following is DataCamp’s update on the situation, posted today by Robert Cabral:

DataCamp Security Update – Frequently Asked Questions

What happened?

On Monday, February 11, 2019, we discovered that some user data was exposed by a third party who gained criminal unauthorized access to one of our systems.

What has DataCamp done?

We are still investigating the precise causes and are retaining a leading digital forensics and security firm to assist us in the work being conducted by our internal security team. We will be notifying the data protection authorities.

We are taking steps to protect our users, including the following:

  • We have notified the users we believe were affected or potentially affected via email.
  • Out of an abundance of caution, we are logging out all DataCamp users who may have been affected, and, if they use a password as their authentication method, we are invalidating their passwords and prompting them to reset their passwords.
  • We continue to monitor for suspicious activity and to make enhancements to our systems to detect and prevent unauthorized access to user information.

Has DataCamp notified affected users?

Yes, we have notified by email the users we believe were affected or potentially affected.

What kind of data was affected?

A subset of DataCamp users were affected. The following information may have been exposed:

  • Personal information
    • Name
    • Email address
    • Optional information including location, company, biography, education, picture
  • Account information
    • Hashed passwords using bcrypt
    • Creation date
    • Last sign in date
    • Sign in IP address

Was my payment information compromised?

We do not store credit card data and thus do not believe credit card or Paypal data were affected.

 

Was my account affected?

Our investigation is ongoing, but we believe that while some DataCamp users were affected, the majority were not. You would have received an email from the DataCamp team prompting you to reset your password if we believe you were affected.

Even if you were not affected, you can certainly reset your password or email our support team directly at [email protected] with additional questions.

How can I reset my password?

You can change your password by clicking on the forgot password link during login. More information can be found in our ‘Forgot Password’ Help article.

Should I also reset my password for other DataCamp or connected accounts?

It is generally a best practice to regularly change and not reuse the same password across multiple services or multiple accounts. We recommend that people change their passwords if they are doing so.

How do I delete my account and all of my data from DataCamp?

Note: This action cannot be undone. Deleting your account will delete your entire account and all data associated with it.

Your account can be deleted directly from your account settings, once logged into DataCamp. More information can be found in our ‘Delete your Account’ Help article.

What is being done to make sure this does not happen again?

Our investigation is ongoing. We will continue to work both internally and with our outside experts to gain a better understanding of what happened and take further action as needed. Our efforts to protect our users and prevent this type of incident from happening in the future are our top priority.

Category: Business SectorHack

Post navigation

← Business hotspot Truluck’s reports data breach at 8 restaurants
AU: Phishers compromise Optus email accounts →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.