// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
Breach Record

Udemy

DISCLOSED 2026-04-24 · STOLEN CREDS · 1,401,259 RECORDS EXPOSED

In April 2026, online training company Udemy was the victim of a “pay or leak” extortion attempt perpetrated by the ShinyHunters group. The data was subsequently leaked publicly and contained 1.4M unique email addresses belonging to customers and instructors. The data also included names, physical addresses, phone numbers, employer information and instructor payout methods...

The record

What we know

Disclosed
2026-04-24
Attack vector
Stolen Creds
Records exposed
1,401,259
Domain
udemy.com
Data classes exposed
Email addressesEmployersJob titlesNamesPayment methodsPhone numbersPhysical addresses
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Udemy disclosure. It updates if new public reporting emerges. All tracked breaches →

Udemy just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →