Tech unicorn UiPath discloses data breach

EXCLUSIVE: UiPath admits to accidentally exposing a file containing the personal details of some of its registered users.
Written by Catalin Cimpanu, Contributor
Image: UiPath

Tech unicorn UiPath, a startup that makes robotics automation software, is currently emailing users about a security incident that exposed their personal information online.

"On December 1, 2020, UiPath became aware of an incident that resulted in unauthorized disclosure of a file containing limited personal information about users of UiPath Academy," the company wrote in an email sent to users today, seen by ZDNet.

The file included details such as real names, email addresses, usernames, company name, country locations, and UiPath certification details for users who signed up for the company's online learning platform, the UiPath Academy.

"We are aware of only one online source where the information was made available," UiPath said. "For important security (and other related) reasons, UiPath is unable to name the source."


Details provided in a FAQ page suggest the exposed file might have been an older backup. UiPath said that only users who registered on its platform before or on March 17, 2020, had their details leaked.

UiPath said that no passwords or financial information were exposed in the recent incident and that it will be notifying all users who had their data exposed online. Only data from the UiPath Academic was exposed, and the company's official products remained secure, it said.

UiPath declined to say how many users were impacted after ZDNet reached out for comment earlier today.

Founded in 2005 in Bucharest, Romania, UiPath is considered one of the biggest providers of RPA (robotics process automation), which is software (not actual robots) for automating various business operations using algorithms and artificial intelligence workers.

With a customerbase of more than 7,000 companies, UiPath has raised more than $1.2 billion in funding and is valued at $10.2 billion as of July 2020.

Data leaks: The most common sources

Editorial standards