Threat Watch

Wyzant Data Breach

Wyzant, which is a popular online marketplace where parents and students can connect with tutors, has suffered a data breach that exposes the personal information of its customers. An unknown hacker was able to gain access to a database on April 27th, 2019 and was able to steal the customer’s full name, email address, zip code, and Facebook profiles if those were used to login to Wyzant. Wyzant found the breach on May 2nd and was able to patch the security flaw. Wyzant stated that the stolen data did not include customer activity, passwords or payment information. The company is still unclear as to how the data was stolen or how many customers were affected. Wyzant has a database of over two million customers and over 76,000 active tutors. In response to the breach, Wyzant states that they are doing an extensive audit of their network and security infrastructure.

ANALYST NOTES

Users of this platform are advised to change their login credentials and discontinue using the user’s Facebook profile to login to the site. Users should also prepare for an increased number of phishing emails. Attackers will attempt to use the personal information stolen to trick users into giving them more information.