Scrum.org, the Scrum certification and training site run by Scrum co-creator Ken Schwaber, suffered from a nasty security breach.
The compromised information included users’ names, email addresses, encrypted passwords, the password decryption key, completed certifications, and their associated test scores.
"No financial information was involved in this incident."
They immediately confirmed the applicability of the vulnerability and followed all of our vendor’s instructions to ensure the vulnerability was resolved."
TPRM report: https://scoringcyber.rankiteo.com/company/scrum-org
"id": "scr24928522",
"linkid": "scrum-org",
"type": "Breach",
"date": "05/2016",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Education and Training',
'name': 'Scrum.org',
'type': 'Organization'}],
'data_breach': {'type_of_data_compromised': ['users’ names',
'email addresses',
'encrypted passwords',
'password decryption key',
'completed certifications',
'associated test scores']},
'description': 'Scrum.org, the Scrum certification and training site run by '
'Scrum co-creator Ken Schwaber, suffered from a security '
'breach. The compromised information included users’ names, '
'email addresses, encrypted passwords, the password decryption '
'key, completed certifications, and their associated test '
'scores. No financial information was involved in this '
'incident.',
'impact': {'data_compromised': ['users’ names',
'email addresses',
'encrypted passwords',
'password decryption key',
'completed certifications',
'associated test scores']},
'response': {'remediation_measures': 'Followed vendor’s instructions to '
'resolve the vulnerability'},
'title': 'Scrum.org Security Breach',
'type': 'Data Breach'}