Proctortrack, an online test proctoring service that shut its services down to deal with a security breach, will resume its online test proctoring services following a comprehensive audit by an independent cybersecurity provider, which concluded that an unauthorized access into one of the company’s servers had been quickly contained and that no customer data was breached.
The audit was performed by an independent global cybersecurity provider, Network Intelligence. It determined that no personally identifiable information (PII) was accessed, no data was altered, no credit card account numbers were stolen, and no log-in credentials were compromised. The largest category of information accessed was a quality assurance testing server used for outdated developmental source code.
As indicated by the audit, on October 13, 2020 an unauthorized user accessed a quality assurance server for Proctortrack, leaked part of the source code, disabled its marketing site, and sent offensive emails that appeared to be from the company that were received by three individuals, all in the United States. The individual then posted the fake email on Twitter with hashtags of a company client.
Following the discovery of the breach, on October 14, Verificient, the parent company of Proctortrack, was transparent regarding the situation and suspended the online service to investigate and to protect customer data.
“Fortunately, the audit confirmed that our existing security infrastructure limited the extent of the intrusion. As determined by the audit, the unauthorized individual was quickly isolated and removed from the company’s server. Verificient immediately fixed the configuration vulnerability that the individual exploited," stated Rajnish Kumar, CEO of Verificient in a press release. "Although we are relieved to be able to report that none of our customers’ private data was breached, I sincerely apologize for the understandable concern that this incident has caused. We are committed to taking further steps to ensure the security of the private data with which we are entrusted while limiting any future disruptions in service to our educational partners and student communities. We will be sharing details on these measures with our customers and valued partners.”