CUNY terminated plans to implement remote proctoring services by Proctortrack after the software’s parent company, Verificient, was hacked. The security breach on October 13 forced Proctortrack to halt services to its customers and publicly apologize.
In an update to CUNY’s academic continuity guidelines, the university wrote “due to recent events, the University will not proceed with the implementation of Proctortrack as previously announced.”
The event referenced is a security breach that forced the company to suspend services for about a week due to an audit by independent cybersecurity company, Network Intelligence.
In an update released on October 22, Verificient stated that the independent audit concluded that “no personally identifiable information was accessed in the attack.”
The statement went on to clarify that no data was altered, no credit card account numbers were stolen, and no log-in credentials were compromised. Instead, hackers managed to access an outdated quality assurance testing server, leak source code, and disable its marketing site.
Users who visited Verificient’s website were “Rickrolled,” a popular meme that redirects users to a video of Rick Astley’s “Never Gonna Give You Up.” Images of the hacked website appeared on Reddit.
The hackers also sent out an email to customers from Verificient’s customer support email address containing racial slurs, according to users on Reddit who received the emails. The company apologized “for the hurt and confusion,” caused by the emails.
Instead of Proctortrack, CUNY’s guidelines list papers, presentations, annotations, e-portfolios, take-home exams and limited in-person exams following campus reopening safety guidelines as the preferred methods of learning assessment.
Students are satisfied with alternative methods of assessment that don’t involve in-person contact. “I’d rather not be forced to take the train during a pandemic,” Jacqueline Babek, a senior at Hunter College said.
In an email, Hunter College Undergraduate Student President Hardik Bhaskar said there is “too much risk, cases are rising and we do not want a bunch of students coming in to just take a test. I don’t think admin will push for that.”
Bhaskar also acknowledged the university’s decision to drop Proctortrack, and said “they will, however, allow teachers to continue using lockdown browsers that are already in implementation for the semester.” It is unclear if the lockdown browser being used is a Verificient program like ProctorLock. CUNY did not respond to requests for comment.
The university confirmed in its updated guidelines that it plans to work with the Computer Information Systems department to explore alternative remote proctoring tools to be used in the Spring 2021 semester.
