Credential manager system used by Cisco, IBM, F5 has been breached

Pearson VUE, a provider of computer-based assessment testing for regulatory and certification boards, has announced that its Credential Manager system (PCM) has been compromised by an unauthorized third party with the help of malware.

Pearson VUE is part of Pearson, the world’s largest learning company. Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company’s solutions to develop, manage, deliver and grow their testing programs.

“PCM is a credential management system used by a subset of Pearson VUE’s credentialing, certification and licensing customers. Many of these customers refer to the platform by a different name with their candidates/members,” the company explained in a FAQ.

“If your credentialing, certification or licensing organization has posted information about this or communicated with you about the issue directly, then it’s likely that you use this platform. It is important to note there is no indication at this time that the issue involved the Pearson VUE Testing System, the website or any other Pearson/Pearson VUE systems. The issue is isolated to the PCM system.”

The PCM system remains offline for now.

The company is still assessing the scope of the breach, and says it does not think that US Social Security numbers or full payment card information were compromised. But because the PCM is custom designed to fit specific customer requirements, it is still looking into how this incident affected each of its customers.

The company will be contacting affected customers and individuals, but has warned them not to fall for potential phishing schemes impersonating the company and asking for sensitive information.

F5, which uses the affected system for its F5 Certified exams, has shared more information about what type of information could have been compromised.

“According to Pearson VUE, an unauthorized party may have improperly gained access to information related to users that could include: names, postal addresses, phone numbers, email addresses, user IDs and, in some cases, last four digits of credit card numbers and dates of birth,” they announced.

“As a precaution, Pearson VUE has taken its Credential Manager System offline and has informed us that it will remain offline until this matter has been resolved. As a result, all F5 certification processes are on hold until Pearson VUE gets its Credential Manager System back on line—our apologies for this inconvenience.”

Cisco’s Certifications Tracking System has also been affected and it’s down.

“PCM is an important part of Cisco’s certification ecosystem, as it enables individual users to manage and track their CCIE, CCNA, CCNP and other Cisco certifications directly through Pearson’s platform,” Chris Jacobs, Director of Certifications & Lab Delivery Technical Services at Cisco, explained.

“An unauthorized party may have accessed limited personal information from PCM, though we believe the impact to Cisco users does not include as many data fields as the broader user audience. At this time, we believe that the compromised information, as it relates to individuals who have taken exams for and hold Cisco certifications, is limited to: name, mailing address, email address and phone number. So, while you may see reports of additional types of personal information being potentially compromised on the PCM platform, we have been informed that this is not the case with respect to the Cisco certification user profiles.”
