Online exam proctoring solution ProctorU has confirmed a data breach after a threat actor released a stolen database of user records on a hacker forum.
ProctorU is a proctoring service used by companies and colleges to monitor online tests for cheating.
Using installed software, webcams, and the computer’s microphone, ProctorU will monitor a test taker’s for behavior indicative of cheating. If cheating is suspected, the proctor can ask the student to show them parts of their room or desk with their webcam to ensure that cheating is not taking place.
Last month, BleepingComputer broke the story that a known data breach seller had leaked 18 company’s databases for free on a hacker forum.
One of the leaked databases was for Proctoru.com and contains user records for 444,000 people allegedly registered at the online proctoring service.
The samples of the database seen by BleepingComputer contains email addresses, full names, addresses, phone numbers, hashed passwords, the affiliated organization, and other information.
Some of the university and college email addresses contained in this database include North Virginia Community College, UCLA, Princeton, University of Texas, Harvard, Yale, Syracuse University, Columbia, UC Davis, and many more.
Also read: 4 easy guides to data breach assessment
The database also contains emails for members of the U.S. military.
At the time, BleepingComputer had contacted ProctorU, but after initial emails, we never received a reply to our queries about whether the data leak was legitimate.
In a tweeted reply to the University of Sydney student newspaper Honi Soit, who further investigated our report, ProctorU confirmed that they suffered a data breach for records from 2014 and are investigating the incident.
In our analysis of the database, though, users are shown who created ProctorU accounts in other years, including 2012, 2013, 2014, 2015, and even 2017.
BleepingComputer has reached out once again to ProctorU for more information but has not heard back.
Also read: 7 Client Data Protection Tips to Keep Customers Safe
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
Prioritizing Security Measures When Launching a Webpage That Every Organisation in Singapore should take note…
Importance of Regularly Changing Passwords for Enhance Online Security that every Organisation in Singapore should…
Comprehensive Approach to Data Protection and Operational Integrity that every Organsiation in Singapore should know…
Here's the importance of Pre-Launch Testing in IT Systems Implementation for Organisations in Singapore. The…
Understanding Liability in IT Vendor Relationships that every Organisation in Singapore should look at. Understanding…
This website uses cookies.
