In response to the recent news about ProctorU’s data breach after a threat actor released a stolen database of user records, below are some insightful comments from cybersecurity experts on this topic.
Experts Comments
But the most damaging part of any data breach is the loss of trust and the brand reputation which can result from a data breach.
The mission of ProctorU is a good and beneficial one, ensuring that test-taking is fair and conforms to the rules. The irony in this data breach is that ProctorU specializes in monitoring (the testing process), but they overlooked the risks to their own data environment. Unfortunately, peoples’ private data is now compromised, and ProctorU must exert time, effort, and expenses in an attempt to mitigate the situation. But the most damaging part of any data breach is the loss of trust and the.....Read More
Sadly, this breach event looks indistinguishable from virtually any other.
One of the more interesting fields of information buried in the schema details of the Proctoru.com database is “eu_citizen”. While one can’t say for certain based on the information provided, this field almost undoubtedly exists because of the groundbreaking EU GDPR data privacy regulation, which aims to hold all organizations collecting and storing the information of EU residents accountable for violations of that data’s privacy and security. Sadly, this breach event looks.....Read More
Companies cannot turn a blind eye to their own security gaps.
This is a case of who’s watching the watchers! The organization charged with watching students to discern bad behavior have themselves suffered from that very fate. Companies cannot turn a blind eye to their own security gaps. In this case, the gaps were dramatic enough to leak an entire database of student data. Time to rethink behavior analytics by monitoring for bad behavior both inside and outside the organization. Myopic security practices suffer from attacker blind spots.
Personally identifiable customer data needs to be protected against more and more sophisticated attacks.
This is another example of how exposed our digital lives have become. Personally identifiable customer data needs to be protected against more and more sophisticated attacks. Building a diverse security team that's trained to handle the ever-shifting vulnerabilities is essential to securing the data your company holds.
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Chris Abbey, Incident Handling Manager, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Individuals who are going to use proctoring software should take care to protect themselves before offering a third party this level of access to their computer. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/proctoru-breach-expert-commentary
Facebook Message
@Chris Abbey, Incident Handling Manager, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Individuals who are going to use proctoring software should take care to protect themselves before offering a third party this level of access to their computer. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/proctoru-breach-expert-commentary