Hackers Use Malware To Steal Cisco, IBM and Oracle Certification Manager

A certification tracking system (Credential Manager System) used by companies like Cisco, F5, IBM and Oracle has faced a data breach and sensitive data might have been accessed by the hackers.

An announcement made by Pearson VUE (Computer-Based Test (CBT) development and delivery) said a malware was placed on the server of the tracking system which allowed hackers to access sensitive data stored on the system.

The tracking system was used to issue official and diploma certifications to the professionals of various types.

Pearson VUE also clarified that Credential Manager System was the only thing that was exposed in this incident. A spokesperson from Pearson VUE said:

“Because the Credential Manager System is custom designed to fit specific customer requirements, we are working to understand how this issue may have affected each of our customers.”

Initial checks have revealed there is no Credit card or Social Security numbers leaked and it seems the hacking attempt was made to carry out fraudulent transactions.

Tracking system’s servers have been taken offline and will not be restarted until Pearson get them malware and vulnerability free.

Latest tweet shows the PCM is back online:

The Softpedia reports that initially Microsoft’s name was included in the companies affected by the attack, however, Microsoft said that the actual certifications are handled by Microsoft separately and not affected by the data breach.

Related Posts