Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

ProctorU Confirms Data Breach After Database Leaked Online

ProctorU Confirms Data Breach After Database Leaked Online


Online exam proctoring solution ProctorU has confirmed a data breach after a threat actor released a stolen database of user records on a hacker forum.

ProctorU is a proctoring service used by companies and colleges to monitor online tests for cheating.

Using installed software, webcams, and the computer’s microphone, ProctorU will monitor a test taker’s for behavior indicative of cheating. If cheating is suspected, the proctor can ask the student to show them parts of their room or desk with their webcam to ensure that cheating is not taking place.

ProctorU database leaked on a hacker forum

Last month, BleepingComputer broke the story that a known data breach seller had leaked 18 company’s databases for free on a hacker forum.

One of the leaked databases was for and contains user records for 444,000 people allegedly registered at the online proctoring service.

Proctoru database leaked for free
Proctoru database leaked for free

The samples of the database seen by BleepingComputer contains email addresses, full names, addresses, phone numbers, hashed passwords, the affiliated organization, and other information.

Sample of user records in database
Sample of user records in database

Some of the university and college email addresses contained in this database include North Virginia Community College, UCLA, Princeton, University of Texas, Harvard, Yale, Syracuse University, Columbia, UC Davis, and many more.

Also read: 4 easy guides to data breach assessment

The database also contains emails for members of the U.S. military.

At the time, BleepingComputer had contacted ProctorU, but after initial emails, we never received a reply to our queries about whether the data leak was legitimate.

In a tweeted reply to the University of Sydney student newspaper Honi Soit, who further investigated our report, ProctorU confirmed that they suffered a data breach for records from 2014 and are investigating the incident.

Tweet from ProctorU
Tweet from ProctorU

In our analysis of the database, though, users are shown who created ProctorU accounts in other years, including 2012, 2013, 2014, 2015, and even 2017.

BleepingComputer has reached out once again to ProctorU for more information but has not heard back.

Also read: 7 Client Data Protection Tips to Keep Customers Safe



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us