We have come to know about a security incident that involves Edureka’s user account information. We would like to bring to your notice that we’ve done a thorough investigation in this matter and found no evidence of any personal information leakage. However, as a precautionary measure, we recommend that you login to your Edureka account immediately and change your password.
We at Edureka give utmost importance to Cybersecurity. We strongly believe that it is our responsibility to keep your data safe and secure. Here are a few practices that we make sure to follow:
- SHA-256 with RSA Encryption: All communications are done over https using SHA-256, which is a perfectly good hashing algorithm, along with RSA Encryption certificates.
- One-way 256 bit encryption: All the user passwords are encrypted via one-way 256-bit encryption which is considered as one of the most secure encryption methods.
- VPC access: The access to VPC or the Virtual Private Cloud is done via encrypted tunnels and multi-factor authentications
- Storage access: No persistence storage is accessed outside VPC.
- Traffic restrictions: All outbound and inbound traffic is restricted as per the application only.
- AWS API Gateway: Security is a core infrastructural feature of the AWS API Gateway. Therefore, the AWS API Gateway security and throttling are implemented for all APIs.
- Session management: Http only cookie is used for session management.
- Security audit: We do a quarterly security audit and all the reported vulnerabilities are fixed on priority
To conclude, we would like to say that your data security is our responsibility and we are Ridiculously Committed to giving you the best!
Badrish Agarwal
Chief Technology Officer