UiPath, a tech unicorn focused on robotics automation, has recently publicized that it suffered a data breach that compromised its users’ personal information, said ZDNet. The company has notified affected users.
The breach occurred after an unauthorized party accessed a file that contained real names, usernames, company names, email addresses, country locations, and certification details for UiPath Academy users.
According to the email notification sent by the company, “On December 1, 2020, UiPath became aware of an incident that resulted in unauthorized disclosure of a file containing limited personal information about users of UiPath Academy.”
The startup assured users that payment details, government identification cards, passwords, and other sensitive information are not included in the file.
Regarding the source of the breach, the company said, “We are aware of only one online source where the information was made available. For important security (and other related) reasons, UiPath is unable to name the source.”
To help users know more about the incident, the company released a Frequently Asked Questions (FAQ) page on the learning platform. According to the document, the compromised file could be an older backup.
Moreover, it clarified that customers who registered for the online learning service on March 17, 2020 had their information disclosed. The company’s official products are safe and only the platform has been affected.
The signatory in the email, the company’s chief legal officer Brad Brubaker, assured users that the startup prioritizes security. Brubaker said, “At UiPath, our top priority is ensuring you feel confident in your interactions with us.”
He added, “We continue to take the privacy and security of all information you entrust to us very seriously.”
Users are also encouraged to report any suspicious activity including illegal or unauthorized security activity by sending them an email. Any issue of loss, theft, unauthorized disclosure and illegal use of usernames, passwords, or accounts should also be reported.
Customers are tasked to control all account activity on the platform. When asked about the scale of the breach, the company refused to give numbers to ZDNet, who reached out to the startup for comments.
The Bucharest-based company is known as one of the biggest service providers of robotics process automation software used for automating business procedures with the help of algorithms and artificial intelligence.
The company currently has over 7,000 customers. It was able to raise over $1.2 billion and is valued at $10.2 billion as of July 2020.
