Skip to main contentSkip to main content
Feature
BLOG • 2 min read

Your Security, Our Priority: Clarifying Recent Misinformation

Recently, a claim on social media has been made suggesting that TryHackMe had been “compromised” and that admin access to our platform is up for sale. We want to assure you that these allegations are completely false. Upon learning of these claims, our team immediately conducted a thorough investigation and found no evidence of any unauthorised access on our systems. We take security very seriously and its our number one priority to ensure user data remains secure and is protected.

To maintain transparency, we directly engaged with the individual making these claims. Despite our requests, they failed to provide any credible evidence to support their allegations. In fact, our investigation revealed that the screenshots and information they presented were fabricated. We remain committed to providing a secure and reliable service to all our users.

We are dedicated to maintaining the highest level of security, and our approach includes a range of proactive and comprehensive measures, a few of which include:

  • Above Industry Standard Internal Policies and Security Controls - Our internal policies exceed industry standards, encompassing stringent data protection and access control measures (one example being that we adhere to the least privilege security principle).
  • Security-First Approach in Development - Our engineering teams integrate security considerations deeply into TryHackMe’s infrastructure configuration, internal setup, and platform development.
  • Bug Bounty Program - TryHackMe has the largest security community in the industry and invites ethical hackers and security researchers to find and disclose potential security issues responsibly. By crowdsourcing expertise, we continuously enhance our defences against emerging threats. You can find more information about our program here.
  • Penetration Tests - We engage with top-tier security firms to conduct in-depth penetration tests. This proactive approach ensures we are always a step ahead in safeguarding our infrastructure.

In the unlikely event of a real security breach, in accordance with the law we would report the incident to relevant authorities and immediately notify our users through official channels, ensuring transparency and swift action for their protection.

Your trust is our top priority, and we thank you for your continued support. If you have any questions or concerns, please do not hesitate to reach out to us.

authorBen Spring
Jan 24, 2024

Recommended

Get more insights, news, and assorted awesomeness around cyber training.

best-entry-level-cyber-security-jobs-in-2026-what-they-pay-and-how-to-get-themBlog • 6 min read

Best Entry-Level Cyber Security Jobs in 2026: What They Pay and How to Get Them

The BLS projects information security analyst roles to grow 33% through 2033, nearly four times the average across all occupations. The median salary across all experience levels sits at $124,910.

how-to-defend-against-ai-powered-cyber-attacks-a-practical-guideBlog • 6 min read

How to Defend Against AI-Powered Cyber Attacks: A Practical Guide

According to the World Economic Forum, 94% of organisations say AI is the biggest cyber security force shaping 2026. Attackers are using it to move faster, scale further, and evade controls that worked fine twelve months ago.

how-to-get-started-in-dfir-free-training-tools-and-career-path-in-2026Blog • 6 min read

How to Get Started in DFIR: Free Training, Tools and Career Path in 2026

When a breach happens, someone has to figure out what happened. Not what the attacker intended to do. What they actually did, in what order, on which systems, starting from when. That is DFIR. Digital Forensics and Incident Response is the discipline that answers those questions.

Join over 640 organisations upskilling their
workforce with TryHackMe

TryHackMe for Business

We use cookies to ensure you get the best user experience. For more information see our cookie policy.