Online data science learning platform DataCamp implemented a password reset for some of its users potentially affected by a data security incident.
According to a statement published on its website, DataCamp discovered on 11 February 2019 that a third party had gained unauthorized access to its systems. In the process, the intruders might have exposed the information for a subset of the company’s users. They specifically might have obtained access to users’ names, email addresses and optional data like their location and education. They also might have viewed users’ bcrypt-hashed passwords, sign-in IP addresses, account creation dates and last sign-in dates.
Following its discovery, DataCamp retained a digital forensics and security firm to investigate the causes of the incident. This effort revealed that the unauthorized individuals might have exposed the information of only a minority of users.
In response, the company notified potentially affected users via email, logged them out of their accounts out of an abundance of caution and invalidated those users’ passwords. Users can use these expert tips to create a strong, unique password for their all their web accounts including their DataCamp presence.
DataCamp also said that it will be monitoring its systems for suspicious activity, making security enhancements to its systems and notifying the data protection authorities. It also explained that it will continue its examination of what happened. As quoted in its statement:
Our investigation is ongoing. We will continue to work both internally and with our outside experts to gain a better understanding of what happened and take further action as needed. Our efforts to protect our users and prevent this type of incident from happening in the future are our top priority.
Users can reset their DataCamp passwords by clicking on this link. They can also contact the company’s support team at firstname.lastname@example.org should they have any additional questions