Cisco has taken its training certification tracker offline after a “limited” data breach earlier this week at Pearson VUE, which maintains the system for Cisco and other companies. In a blog post, Cisco says the breach exposed only the names, addresses, e-mail addresses and phone numbers of CCIE, CCNA, CCNP and other Cisco certification candidates.
Certification testing tools themselves have not been affected, according to the Cisco blog post:
An unauthorized party may have accessed limited personal information from (Pearson Credential Manager), though we believe the impact to Cisco users does not include as many data fields as the broader user audience… So, while you may see reports of additional types of personal information being potentially compromised on the PCM platform, we have been informed that this is not the case with respect to the Cisco certification user profiles.
Testing for Cisco certifications is able to continue, Cisco said. Cisco just updated its certification program last week.
Pearson VUE on Monday said an unauthorized third party placed malware on its Credential Manager System and “improperly accessed certain information related to a limited set of our users”:
This issue does not affect other Pearson systems. Our analysis to date indicates that the issue is isolated to Pearson VUE’s Credential Manager System. There is no indication that other systems have been affected.
Pearson says it is still assessing the scope of the breach and does not believe that U.S. Social Security numbers or full payment card information were compromised. The system remains offline as Pearson works with law enforcement and forensic experts to assess and verify the scope of the breach.
More from Cisco Subnet:
Follow Jim Duffy on Twitter