Cyber Incident Victim: Verificient
Date:
Oct 2020
Location:
United States of America
Summary
A cyberattack targeting Verificient's ProctorTrack online proctoring service compromised the company's systems, leading to unauthorized access of its communication channels. The attackers exploited this breach to send fraudulent emails to students through the official Verificient Support account, impacting users at multiple educational institutions. In response to the incident, the service was temporarily disabled to mitigate further risks and investigate the intrusion. The disruption affected universities relying on the platform for remote exam monitoring during a period of increased demand for such services.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In October 2020, Verificient Technologies experienced a cybersecurity incident affecting its ProctorTrack online proctoring service, widely used by educational institutions during the shift to remote learning. The breach became apparent on or around October 12, 2020, when unauthorized actors gained access to Verificient’s systems and began sending emails to students through the compromised "Verificient Support" account. ProctorTrack’s client base included prominent universities such as Rutgers, MIT, Purdue University, Ohio University, University of Western Ontario, and Illinois State University, though the full scope of impacted institutions remained unspecified. The attack disrupted normal operations, forcing Verificient to temporarily disable ProctorTrack services to contain the incident. While the exact method of intrusion and depth of system access were not publicly detailed, the compromise of official communication channels indicated a breach of administrative controls.
Verificient responded by proactively shutting down ProctorTrack’s operations to mitigate further risks, though this action itself caused service interruptions for dependent academic institutions and students. The attacker’s emails, distributed directly from Verificient’s infrastructure, suggested exploitation of internal access rather than superficial phishing tactics. No specific details regarding data exfiltration, ransomware deployment, or financial motives were confirmed in the immediate aftermath. The incident highlighted operational vulnerabilities in a critical educational tool during peak demand, though long-term technical and reputational consequences were not yet quantifiable. Investigations were ongoing as of October 13, 2020, with no supplementary remediation steps or forensic findings disclosed publicly at that stage.