The online platform that matches students and tutors Wyzant has suffered a data breach at the end of April 2019. The company informed all affected users by e-mail about the security incident and warned them that their personal information might be at risk. According to an official statement, the systems have already been patched in order to ensure that no passwords, financial information, or activity records leak out. Wyzant discovered the attack about a week after it happened, yet now the company assures it has implemented additional security measures to prevent future breaches of customer data. These measures include a complete review of the company’s security protocols and processes.
Investigations are running but, for now, the attackers remain uncovered. Moreover, it is yet not known what vulnerability in the company's security the attackers exploited to get access to its network. What is known for sure is that there has been unauthorized access to certain user data, meaning that personally identifiable information of some users, like first name, last name, e-mail address, zip code, and in some cases, Facebook profile image, has landed in the hands of the unknown cyber crooks. Being on the market for over ten years, Wyzant has over two million registered users in total, 80,000 of which are instructors. As the damage of this cyber attack is yet to be estimated, it has still not been announced whether both students and tutors have been affected by the breach.
Wyzant customers face real dangers after breach
As soon as the entire Wyzant network has been inspected, the company will notify its customers about any details and other relevant information about the incident. Wyzant also states that it is working with law enforcement to make sure that the attack is properly investigated. Until the attackers are identified, Wyzant users are advised to be aware of any potential misuse of their data. Whenever hackers steal email addresses, they will, later on, attempt to use them for social engineering attacks, so users should expect phishing emails that try to extract additional private information, like credit card numbers, usernames, passwords, or financial data.
Users facing the danger of identity theft can undertake several measures to protect their online privacy. If you have been affected by Wyzant breach, first of all, you should change the passwords for your email and your social media accounts. Then, you should watch your bank account for any unauthorized transactions. Further on, you are advised to avoid opening emails from unknown senders and clicking on suspicious links or pop-ups that may appear on your screen. Also, you can notify your Facebook friend that your account might have been compromised and that they may receive malicious messages from you which they should ignore.