Wyzant, a mainstream online tutoring service has suffered a major system breach. More damage falls on their customers that use their personal Facebook login for their Wyzant service, as their Facebook information could have been part of the stolen information as well. Wyzant admins detected an abnormal activity in their database last May 2, 2019. Upon further inspection, the attacker was already tapping on the information contained in the database since April 27, 2019.
As a silver lining in the incident was Wyzant confirmed that the actual account passwords, financial information (credit card info used for paying for the service) and use activity record are not included in the breach. “On May 2, 2109, we noticed an anomaly with the subset of our data on a single database. Further investigation led us to locate a data breach that occured on April 27, where an intruder was able to gain access to certain personal identification information for affected customers. We immediately addressed and fixed the underlying issue, and have assessed the extend of this intrusion.” explained Wyzant in their Notice of Data Breach blog.
Wyzant has approximately 2 million customers, with over 76,000 of them are active participants with the online tutorials who wish to learn from their online platform’s 250+ subjects and sub-topics. Wyzant has not disclosed how many customers were exactly affected by the breach, and what particular vulnerability was exploited in order to pull off the attack.
“The data that may have been accessed included personal information limited to your first name, last name, email address, zip code and, for certain customers who log in to the platform using Facebook their Facebook profile image. The data did not include any password, payment information or record of your activity on the Wyzant platform. No other data is known to have been accessed.” concluded Wyzant.
Though the passwords were not affected, it is strongly recommended for users to change their passwords at the soonest possible time. Those who used their Facebook login for their Wyzant account must change their Facebook password as well and wait for instruction from Wyzant as they may provide further information on how you can secure your account.
Related Resources:
EU Data Breaches Filed Under GDPR Is Less Than Satisfactory