Pearson Vue breach and Cisco

OctalDumpOctalDump Member Posts: 1,722
You might already be aware that Pearson Vue Credential Management System was breached and some data seems to have been leaked.
Cisco have actually got more to say about this than Pearson Vue does.
They have a blog up, which is being updated, here: https://learningnetwork.cisco.com/blogs/community_cafe/2015/11/21/certifications-tracking-system-outage-and-data-exposure

What it means is that the certification tracking system is down (integral7.com, I believe). This also seems to mean that if you sat an exam recently, all you will have is the "pending" result that you get at the end of the day, and actual confirmation could take some days/weeks etc until the system is back online.
2017 Goals - Something Cisco, Something Linux, Agile PM

Comments

  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Another day, another breach. I've suffered with Pearson Vue's dumpy system for years and am not surprised security wasn't built-in.
  • no!all!no!all! Member Posts: 245 ■■■□□□□□□□
    Oy. I've got my ICND2 scheduled for next Saturday...hoping this doesn't affect anything!
    A+, N+, S+, CCNA:RS, CCNA:Sec

    "In high society TCP is more welcome than UDP. At least it knows a proper handshake" - Ben Franklin

    2019 Goals: CCNP:RS & relocate to St. Pete, FL!
  • DPN1DPN1 Member Posts: 35 ■■□□□□□□□□
    I was wondering why I hadnt received a congratulations email or get onto the tracking system! Hopefully it isnt down for too much longer
  • TWXTWX Member Posts: 275 ■■■□□□□□□□
    DPN1 wrote: »
    I was wondering why I hadnt received a congratulations email or get onto the tracking system! Hopefully it isnt down for too much longer

    I hadn't received a, "you dun goofed," either. Was wondering. Dammit.
  • scaredoftestsscaredoftests Mod Posts: 2,780 Mod
    Does this affect Microsoft certification tests? I am already affected my the OPM breach. I wonder how many I can be part of! JOY!icon_thumright.gif
    Never let your fear decide your fate....
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Just got this from Symantec:

    Hello,

    Symantec was recently informed that an unauthorized third-party may have accessed information in a database owned and controlled by Pearson VUE, a global company that helps administer credential management of Symantec’s technical certification and sales accreditation programs.

    The information in this Pearson database is believed to be limited to names, postal addresses, phone numbers, email addresses, employee/partner ID numbers, company name, and employee role and subdivision information. Symantec candidates were not asked to provide Social Security numbers, date of birth or payment card information within the Pearson Credential Management System, and all passwords in this database were encrypted.

    This incident was isolated to Pearson VUE’s Credential Management System and at no point were any of Symantec’s systems or databases accessed or affected.

    However, as a security best practice, we do suggest that you consider resetting the password on any account that used a similar username and password as the Pearson Credential Manager (CertTracker) system.

    Pearson VUE is taking this matter very seriously and we are in close contact with them to learn more about what happened and ensure appropriate safeguards are put in place. They have issued a statement and set up a hotline -- (855) 270-9182 or +1 (512) 201-2203 -- to assist with any concerns or questions you may have.

    Thank you,

    Symantec Global Exams
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    What sort of engagement you had with Symantec? I received the same thing, but I've never taken any of their exams. My only interaction with them was a NetBackup training like 5 years ago.
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    cyberguypr wrote: »
    What sort of engagement you had with Symantec?

    I'm tuning Symantec DLP right now for a big client and had to learn it basically from scratch (didn't have much previous experience with this product) and decided why not to take their exam. Failed miserably. I thought that general DLP knowledge plus high-level knowledge of the product would be enough. Big mistake! Scored 51% with passing bar set on 72%.

    Questions there were like specify version of oracle you should have upgraded while upgrading the DLP product from 12.0 to 12.5 and multiple choice like 11.2.0.1 > 11.2.0.3 or 10.2.0.1 > 10.2.0.2 you got the idea. Or which advanced setting this role in this config should have and choice from some obscure abbreviations that are used in config files. I remember watching videos where the instructor addressed this specifically and said that you don't change advanced settings but call support instead, lol.

    Still, I'm determined to knock it out. Will try again in Dec. Not sure if it's worth the effort though
  • DPN1DPN1 Member Posts: 35 ■■□□□□□□□□
    Got an email of Monday or Tuesday about my certification and finally saying I passed like 3 weeks or so later . Hopefully the issues have been fixed.
  • OctalDumpOctalDump Member Posts: 1,722
    DPN1 wrote: »
    Got an email of Monday or Tuesday about my certification and finally saying I passed like 3 weeks or so later . Hopefully the issues have been fixed.

    Same here. I guess it is moving back to normal.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • techfiendtechfiend Member Posts: 1,481 ■■■■□□□□□□
    I read of one instance on here that a local guy took their VCP-DCV at the pearson vue hq. I don't remember if that was voluntary or not. Last month when I took the second linux+ test there was a guy there to take VCP5-DCV and I overheard a conversation with the receptionist saying he couldn't test today and she gave directions to the hq.

    If they require local testers to take it at the hq I wonder if it'd be delayed with the goings on, that would be my main concern over the 40 minute one way drive in good traffic. Does anyone in MSP know?
    2018 AWS Solutions Architect - Associate (Apr) 2017 VCAP6-DCV Deploy (Oct) 2016 Storage+ (Jan)
    2015 Start WGU (Feb) Net+ (Feb) Sec+ (Mar) Project+ (Apr) Other WGU (Jun) CCENT (Jul) CCNA (Aug) CCNA Security (Aug) MCP 2012 (Sep) MCSA 2012 (Oct) Linux+ (Nov) Capstone/BS (Nov) VCP6-DCV (Dec) ITILF (Dec)
Sign In or Register to comment.