We are not even half-way through the year 2020 and it feels like the worst year of our lives. The COVID-19 pandemic has taken control of the world. There’s no sign of slowing down of this virus. Not only the coronavirus was affecting the world, but other factors were also making a negative impact. Another major issue during this lockdown was the data breach. Zoom Video Conferencing Tool suffered a major fallback when hackers breach more than 500,000 Zoom credentials and sold it on the dark web. Here in Nepal, a hacker by the name SATAN threatens Prabhu Nepal. Information and the user’s data is the most precious factor in the current world. Any breach of data can lead to huge conflicts. Now there’s another major data breach, a hacker leaked 25 million users’ records of popular math app Mathway.

Mathway 25 Million Users Record Leaked

Mathway is one of the widely used math solving and learning applications. This application has users all over the world. Since it has large user-base it is always on the hacker’s radar.  A hacker by the name ShinyHunters who is also responsible for intrusions at Tokopedia, Wishbone, Zoosk has hacked Mathway. ShinyHunters states, ‘The only thing I can say is that the [Mathway] hack took place in January 2020’.

mathway data leaked dark web coronavirus
Mathway User Credentials on Dark Web

Following this data breach, a Mathway official stated, “At Mathway, we take our customer’s trust seriously, especially when it comes to their data, and we are committed to doing what is right for our customers. We recently discovered that certain Mathway customer account data, emails and hashed and salted passwords, was acquired by an unauthorized party.  Upon learning of this, we retained a leading data security firm to investigate, address any vulnerabilities, and remediate the incident. We are notifying all potentially impacted customers and are requiring password resets for all accounts. We regret any inconvenience this may cause our customers”.

ShinyHunters hacked the company’s backend and dumped the database. Then they removed the access to avoid detection. From early may they have been selling Mathway credentials on the dark web. Not only on the dark web, but they have sold on data the public and popular hacking forums as well. The copy of the Mathway database was circulating on Telegram channels dedicated to ‘data brokers’. The Mathway user’s credentials have been up for scale for the equivalent of 44,000 in Bitcoin or Monero. These credentials include user emails and hashed passwords.

Mathway is available for both Android and iOS with a rating of 4.5 and 4.9 respectively. You can also access the web version. So far it has been installed more than 10,000,000 times from Play Store. Having such positive feedback from the majority of the people, the data breach is a major fallback for this application. We have to wait and see what the officials will do about this situation.


You might like: