UiPath is a leading Robotic Process Automation vendor providing a complete software platform to help organizations efficiently automate business processes.
The startup started reporting the security incident to its customers that had their data accidentally exposed online, only users who registered on its platform before or on March 17, 2020, were impacted.
“On December 1, 2020, UiPath became aware of an incident that resulted in unauthorized disclosure of a file containing limited personal information about users of UiPath Academy,” reads an email statement, seen by ZDNet. sent by the company to its users today.
Exposed accidentally users’ details include real names, email addresses, usernames, company name, country locations, and UiPath certification details for users who signed up for the Academy learning platform.
“We are aware of only one online source where the information was made available,” the company added. “For important security (and other related) reasons, UiPath is unable to name the source.”
The user details were contained in a file that appears to be an older backup.
The company pointed out that financial information either passwords were not exposed. The incident did not expose the company’s official products.
At the time of this writing, the software firm hasn’t disclosed the number of impacted users.
(SecurityAffairs – hacking, data leak)