- Oct 23, 2012
- 12,527
Pearson VUE has announced a data breach of its Credential Manager System, a certification tracking program used by companies like Cisco, F5, IBM, Microsoft, and Oracle, to issue diplomas and official certification for various types of professionals.
According to the company's official statement, the data breach occurred via malware implanted on its servers by an unauthorized third-party. This malware has allowed the third-party to access sensitive data.
Pearson VUE says that only the Credential Manager System was affected by this particular incident.
"Because the Credential Manager System is custom designed to fit specific customer requirements, we are working to understand how this issue may have affected each of our customers," said a Pearson spokesperson.
While assessing the damage for each client may take some time, the company was quick to say that no sensitive information like credit card numbers and Social Security Numbers were leaked in the incident.
To prevent further intrusions, the company took the Credential Manager System offline and announced the proper authorities.
It is highly unlikely that any details about current certifications may have been modified by the attackers since they were probably looking for data to exploit in fraudulent transactions or to sell on the black market.
In the meantime, the certification systems of affected companies will remain offline until Pearson deems it safe to restart its own servers.
According to the company's official statement, the data breach occurred via malware implanted on its servers by an unauthorized third-party. This malware has allowed the third-party to access sensitive data.
Pearson VUE says that only the Credential Manager System was affected by this particular incident.
"Because the Credential Manager System is custom designed to fit specific customer requirements, we are working to understand how this issue may have affected each of our customers," said a Pearson spokesperson.
While assessing the damage for each client may take some time, the company was quick to say that no sensitive information like credit card numbers and Social Security Numbers were leaked in the incident.
To prevent further intrusions, the company took the Credential Manager System offline and announced the proper authorities.
It is highly unlikely that any details about current certifications may have been modified by the attackers since they were probably looking for data to exploit in fraudulent transactions or to sell on the black market.
In the meantime, the certification systems of affected companies will remain offline until Pearson deems it safe to restart its own servers.
