Essay Example on Unacademy Data Breach: India's Worst Cybercrime

Introduction

Cybercrime is any type of misconduct that involves a computer or any other kind of electronic device. A worst cybercrime committed, as reported in recent news, is the data breach at the Indian learning platform Unacademy. I consider this cybercrime as the worst in the current news as it affected millions of user accounts. According to Bannister (2020), Unacademy is the largest online education platform in India. The data breach has led to the exposure of personal details of over 11 million users. The position paper examines the data breach as the worst cybercrime when compared to others reported in the recent news.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

The Effect of the Cybercrime

Eleven million account users were affected by the data breach, but they comprise about half of the affected individuals (Bannister, 2020). More people have experienced exposure of personal information through the Unacademy data breach. The learning platform has only 11 million user accounts that are registered. However, the actual users of these learning accounts are more than the registered numbers. The Cybleinc (2020) noted that professional hackers attacked the Unacademy online learning platform. Cyble pointed out that the professional hackers have captured a database that contains about 22 million user accounts of the Unacademy. These databases are to be sold on the dark web for only $2,000 (Cybleinc, 2020).

Bannister (2020) stated that the leaked information entailed user names, names, IDs, email addresses, times of last login, encrypted passwords, and dates joined. Cyble affirmed the occurrence of the incident in January 2020 when the data breach took place. That confirms more leaks of data that has been happening in the Unacademy online education platform without the company’s knowledge. The criminal alleged to have accessed the entire database of the Unacademy. However, they will only leak the users' accounts at the moment, and more information expected to be leaked in the future. In reality, that is not the case, as Cyble reported that the hackers sold more details from the Unacademy online education platform to the dark web on the 8th of May 2020 (Cybleinc, 2020).

Comparing and Contracting the Cybercrime with Others

The data breach cybercrime at Unacademy online education platform can be compared to other cybercrimes that have occurred in the recent past and reported in the new, including cyber-attacks and Trojan. A cyber-attack is launched using different methods, including phishing, ransonware, malware, and denial of service, among other approaches (Check Point Software Technologies Ltd, 2020). The cybercrime of data breach can be compared to the cyber-attack that occurred in Service (New South Wales) NSW of the Australian government agency on the 22nd of April 2020 (Woollacott, 2020). The cyber-attack affected email accounts of 47 workers at the government information office, Service NSW. The professional hackers used phishing as the method of cyber-attack to the Service NSW government office (Gerova, 2020).

Comparison of the destruction caused by the cyber-attack at the government office and the data breach at the Unacademy, the data breach cybercrime is the worst cybercrime that has been reported in recent news. The cyber-attack only affected email accounts of 47 employees. At the same time, the data breach exposed the user names, names, IDs, email addresses, times of last login, encrypted passwords, and dates joined of over 11 million account users in the Unacademy online education platform. The data breach cybercrime had more devastating effects on a high number of innocent people compared to the cyber-attack that only caused phishing of employee emails (Gerova, 2020). The introduction of a cyber-attack in Unacademy could not have produced a similar effect like the one created by the data breach. A cyber-attack could only affect the functioning of the networks or computers in the Unacademy Company. However, more information about the account users was exposed through the data breach cybercrime.

A Trojan entails the use of a malicious code or software that appears legitimate, but has the capacity of controlling ones computer (NortonLifeLock Inc, 2020). It is designed to disrupt, steal, damage, or generally inflicting harmful actions on the computer or network's data. A Trojan cybercrime that is comparable to the data breach cybercrime is the Cerberus Android banking Trojan that affected the mobile endpoints of multinationals. The Cerberus Trojan affected 75% of the mobile devices of conglomerates in the multinational. The attackers accessed the Mobile Device Manager (MDM) server and stole passwords and 2FA credentials (Check Point Research, 2020). When comparing the effects of the Cerberus Android banking Trojan to the data breach cybercrime, the latter is the worst crime based on the damage it caused and the number of the affected account users. Only the mobile devices of conglomerates in the multinational were affected by the Cerberus Trojan, whereby the attackers stole passwords and 2FA credentials. When used in the Unacademy, Trojan cyber-crime could not have worked at all since the main target of the attackers for the data breach was to steal information about the accounts users and sell it on the dark web. The attackers of the data breach did not target mobile devices or any financial data from the online education platform account owners.

The Efficacy of the Cybercrime in Weakening Critical Infrastructure

The data breach of cybercrime at Unacademy was effective in weakening critical infrastructure in the online education platform. The attackers accessed and can continue accessing the entire database and sell all the leaked information about the users in the dark web. Therefore, the ability to access the whole database guarantees the attackers to leak more information about the account users in the future. Only sensitive information such as financial data, passwords, and location of the account users were not breached (Bannister, 2020).

Moral Implications of the Cybercrime

The moral implications of the data break cybercrime are data security and privacy protection for the account users. The privacy of account users in the online education platform at Unacademy is violated through data breach by compromising personal information to third parties. Information about the users will be used on other websites without their consent. The Unacademy spokesman stated that the hackers would have access to more data about the users of the online education platform that earlier claimed by the company (Bannister, 2020). It will be challenging to establish who else is using the accessed data by the professional hackers at Unacademy. Therefore, more users may experience violations of privacy and information shared without consent to other web pages.

Conclusion

In conclusion, the worst cybercrime reported in recent news is the data breach at Unacademy online education platform in India. I consider this to be the worst cybercrime as it affected a large number of account users compared to other cybercrimes that have occurred and reported in the recent news—the data breach comprised personal information of over 11 million account users. The data breach has more devastating effects on a large number of account users when compared to the cyber-attack at Service NSW and Cerberus Trojan. The moral concern is that the privacy of the users is compromised.

References

Bannister, A. (2020, May 7). Data breach at Indian learning platform Unacademy exposes millions of user accounts. The Daily Swig. https://portswigger.net/daily-swig/data-breach-at-indian-learning-platform-unacademy-exposes-millions-of-user-accounts

Bannister, A. (2020, May 14). Multinational’s mobile endpoints engulfed by Cerberus banking Trojan. The Daily Swig. https://portswigger.net/daily-swig/multinationals-mobile-endpoints-engulfed-by-cerberus-banking-trojan

Check Point Software Technologies Ltd. (2020). What is a cyber-attack? https://www.checkpoint.com/definitions/what-is-cyber-attack/#

Check Point Research. (2020, April 29). First seen in the wild – Malware uses corporate MDM as attack vector. https://research.checkpoint.com/2020/mobile-as-attack-vector-using-mdm/

Cybleinc. (2020). Professional hackers have breached Unacademy, India's largest learning platform. Cyble. https://cybleinc.com/2020/05/05/unacademy-indias-largest-learning-platform-has-been-breached-by-professional-hackers/?__cf_chl_jschl_tk__=d17b90903475e74878b7f448479c7f54e60019bd-1589619680-0-AZa6quxH4Zmx5g1utk1u7SaDa6wjGvfo4VhGDQULhRXFR6ZrrIhTJMUbC3WMdMNLIwv-siTjzbDJcFa61lf0aMAjgwPU__aiG3NCEi3nPle-vGudUznBs_DXZIlPNpVzM_OGnV7uDL_7xEuO-lzOBRJy4RDbvTkLNZ3BnHHIcIvxP_idr5QgVSQRDmeCX9rOL2iSIWI3-ISJMybeZJHSKm4aM4aKkiM8WfwU-EyNiKUsnOQ9eOEDasjcMSA6B2nQhaztEqX0lntBbYLbnLyMhQ9mjrgV97SveSr9gC-GsEE7WUbjby4ess5WL8WWO-mG1xtrt6qXSaiqLKWcnJrXHDiWq1htf43p8ap6Ki5HN5hJDALdawS7z8tn8lkP0ZxJxnz8nXU5Pn1kP2aS0sLGvF78

Gerova, V. (2020, May 14). Customer details stolen after 'complex' cyber-attack on Service NSW Staff emails. 10 Daily. https://10daily.com.au/news/australia/a200514sxdoj/customer-details-stolen-after-complex-cyber-attack-on-service-nsw-staff-emails-20200514

NortonLifeLock Inc. (2020). What is a Trojan? Is it a virus or is it malware? https://us.norton.com/internetsecurity-malware-what-is-a-trojan.html

Woollacott, E. (2020, May 14). Service NSW: Australian government agency hit by cyber-attack. The Daily Swig. https://portswigger.net/daily-swig/service-nsw-australian-government-agency-hit-by-cyber-attack