ProctorU Data Breach Affects 400,000 Users

University online exam tool ProctorU admits to a data breach affecting 444,000 individuals last Thursday, August 6, 2020, following the publishing of user records by hacker group ShinyHunters. Among the compromised include individuals who registered on or before 2014, reports Info Security.

ProctorU is an online examination tool software designed to monitor a student or test taker’s behavior to assess if he or she is involved in cheating-related activities. The software works with webcams and the microphone tool utilized by the test taker.

Should cheating be suspected on the student or test taker’s end, the proctor has the capacity to ask the individual to show a real-time view of their room or desk to ensure that cheating tactics are not employed while taking examinations.

ProctorU Data Breach

ProctorU’s leaked database records were reportedly part of the 386 million user records released by ShinyHunters in the past few weeks. Compromised personal information include individual’s full legal names, full residential addresses, usernames, unencrypted passwords, states Tom’s Guide.

Australian educational institutions currently using this system include the University of Sydney, the University of Adelaide, the University of Melbourne, the University of Queensland, and many others, states Honi Soit.

Bleeping Computer, however, said that educational institutions whose information was compromised in the data breach include prestigious universities such as Harvard, Princeton, Yale, UCLA, Columbia, UC Davis, Syracuse University, the University of Texas, and North Virginia Community College.

In response to the tweet of student publication of the University of Sydney, Honi Soit, ProctorU said that it has “confirmed that on July 27, 2020, a user web forum offered to share data files containing approximately 444,000 records. These records were from 2014, and did not contain any financial information.”

In addition, the online proctoring tool maintained that it has taken steps to ensure the safety and security of its users saying that it had already “disabled the server, terminated access to the environment, and is investigating this incident.”

In the same way, the company has also implemented enhanced security measures to prevent similar events from happening in the future.

Prior to the data breach, the use of ProctorU in Australian educational institutions has been heavily criticized following its terms of service, with Honi Soit saying it violates student privacy.

According to The Sydney Morning Herald, Australian universities will be looking into its online exams and proctoring system to better gauge the right approach for 2021.