An individual self-identifying as “temp221212” on the dark web forum has taken responsibility for the PeopleCert data breach.
The breach was announced via a dark web post and contained what seems like sample data from the security incident. PeopleCert, the alleged victim in this case, is a globally renowned institution specializing in examination and accreditation services.
The PeopleCert data breach incident, involving a vast repository of sensitive information, allegedly includes personal details such as names, dates of birth, passport and driver’s license images, email addresses, physical addresses, and phone numbers.
PeopleCert data breach explained
According to dark web user, they have successfully executed the PeopleCert data breach and stole crucial information. The leaked data reportedly encompasses an astounding 86,516 containers filled with diverse forms of information.
This includes MP4 files, facial and vocal samples of exam testers, comprehensive room views, names, dates of birth, front and back images of official identification documents like passports, and driver’s licenses, email addresses, physical addresses, and telephone numbers.
Such an extensive collection of sensitive information further amplifies the extent of the PeopleCert data breach and its consequence, as the data could belong to thousands of students from around the world.
However, it is worth noting that the company has not verified the claims for the PeopleCert data breach.
The Cyber Express tried reaching out to the accreditation provider to learn more about this PeopleCert data breach, but no confirmation or official response has been recorded as of now.
This incident follows on the heels of a previous event involving PeopleCert. The company recently completed the acquisition of Axelos, a prominent joint venture established by the United Kingdom’s Cabinet Office and Capita plc.
Axelos has played a pivotal role in shaping global best practice methodologies in areas such as project management, IT service management, and cyber resilience. The PeopleCert data breach has occurred in close proximity to this significant corporate development.
PeopleCert data breach: Not the first cybersecurity incident
It’s pertinent to recall that PeopleCert has faced a similar situation before.
In 2019, the company acknowledged falling victim to a cyber attack. During that breach, portions of their contact database were accessed by unauthorized third parties.
The compromised information consisted solely of names, email addresses, and countries of residence. However, the company stressed that no credit card, debit card, or bank account details were compromised in the incident. PeopleCert promptly reported the breach to relevant authorities and conducted an ongoing investigation.
“PeopleCert has established that some parts of its contact database have been accessed by an unauthorized third party. The confirmed data that has been accessed includes only names, email addresses, and countries of location.
In line with our security processes, we have reported this incident to the relevant Cyber Crime and Data Protection Authorities, and an investigation is ongoing.”, read the company statement for the PeopleCert data breach in 2019.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.