Pearson VUE, the firm behind a certification tracking program used by the likes of Microsoft, Oracle, IBM, Cisco and F5, has suffered a data breach that allowed hackers to access sensitive data.
In its official statement, Pearson VUE said that an unauthorised third party placed malware onto the company’s Credential Manager System and this allowed it to “improperly access certain information related to a limited set of [Pearson VUE’s] users”.
The firm, which is used by high-profile tech companies to issue diplomas and official certification to a range of different types of professionals, said that its Credential Manager System, which provides support to adults in a number of professional fields, was the only system to be affected by the breach.
However, it said it was still assessing the scope of the specific data elements involved.
“As of now, we do not believe that US Social Security numbers of full payment card information were comprised as a result of this issue,” the statement reads.
It added that as the system is designed to fit specific customer requirements, it is still trying to work out how the issue could have affected each of its customers.
“We are working with law enforcement and leading third-party forensic experts to assess and verify the scope of the issue and related facts,” it said.
It emphasised that its analysis to date indicated that the issue only affects the Credential Manager System.
“There is no indication that other systems have been affected.”
While the matter is being investigated, the firm said that the Credential System would remain offline.