Boulder Valley School District has sent out about 60,000 letters to current and former students notifying they are possible to be victims of last years’ Pearson data breach.
According to a report from the Denver Channel, Boulder Valley Schools have been informed earlier this month that students were likely to have been affected by the breach. The district is quick to respond to the said information by sending out letters to parents on Friday, August 30, which Pearson paid for.
“The delay in them, Pearson, telling us is because there’s an ongoing FBI investigation and with that investigation only so much information could be shared,” explained Andrew Moore, Boulder Valley School District’s Chief Information Officer.
Pearson, an education software company, suffered from a data breach last year that had exposed student accounts from more than 13,000 schools and universities. The company only discovered the security issue in March, which compelled them to contact cybersecurity experts and the FBI.
According to Moore, Pearson notified Boulder Valley about the data breach on Aug. 1., which had urged the district to conduct its own investigation and send letters notifying all potentially affected students.
Although there is no evidence that the students’ information has been misused, as claimed by Pearson, the company is still offering free identity or credit monitoring through Experian to affected residents.
Florence Bocquet, one of the parents who have received letters for her two sons about the breach, said she’s worried about criminals stealing her sons’ information.
“I could not believe what I was reading and what is also the Pearson AMS web 1.0? I did not know,” she told The Denver Channel.
Anna Segur another concerned parent also expressed her worries about the said security issue.
“As a parent, I never consented for this company to have access to my children’s data,” she said. “I think the data should belong to the parents, not the school district.”
To date, the Boulder Valley School District is following state and federal law to minimize the casualties and prevent another breach that can affect the privacy of students.
The district has also added two full-time staffers that will focus on data security. The two employees are said to be taking advance trainings at the moment for better security protection.
“Cybersecurity threats, whether it’s malware, ransomware, viruses, is a huge thing for us and we are continuing to put procedures in place,” Moore explained.