Pearson VUE’s Credential Management System Has Been Compromised
Pearson VUE, who manages the certification programs for a large number of IT vendors like Cisco and EMC, has announced that their credential system has been the successful target of an attack. The attackers were able to compromise and access information related to a subset of users.
The company says that the hack is limited and does not impact the integrity of the testing system, K-12 assessment testing, or other systems. The company is still assessing the scope of the damage, but they do not believe that vital information such as Social Security or credit card payment information was compromised; Pearson VUE is working with law enforcement and forensic experts to assess the damage.
While the investigation progresses, access to the credential system is offline.
Various sources have reported that many of the credential management systems that Pearson VUE manages have been offline for the last few days, with the company finally making an announcement on Monday.
In a blog post, Cisco (who uses the PCM platform to track members of the CCNA, CCNP and CCIE programs) explains they believe that the leakage is limited to the holders name, mailing address, email address and phone number.
“While you may see reports of additional types of personal information being potentially compromised on the PCM platform, we have been informed that this is not the case with respect to the Cisco certification user profiles,” said Chris Jacobs, the director of Cisco’s certifications program.
Testing for vendor programs, like Cisco, that are impacted will continue while access to the tracking system is down. Pearson VUE has not given any timeline for when access to the tracking system will be available again; the company is offering identity protection to affected candidates for one-year at no cost.
More in Security
CISA Warns Unpatched VMware Servers Remain Vulnerable to Log4Shell
Jun 24, 2022 | Rabia Noureen
QNAP Releases Patch to Fix PHP Security Flaw Affecting Select NAS Devices
Jun 23, 2022 | Rabia Noureen
Microsoft Unveils New Edge Secured-Core IoT Devices to Block Firmware Attacks
Jun 22, 2022 | Rabia Noureen
QNAP Warns NAS Users About New DeadBolt Ransomware Campaign
Jun 20, 2022 | Rabia Noureen
Microsoft Defender for Individuals is Now Available on Desktop and Mobile
Jun 16, 2022 | Rabia Noureen
Microsoft Acquires Foreign Cyber Threat Analysis Company Miburo
Jun 15, 2022 | Rabia Noureen
Most popular on petri