Pearson, a renowned British textbook publisher and educational software company, announced its encounter with a data breach last year. According to news sites, the Pearson data breach affected more than 13,000 students.
Based on an article released by Pymnts, the Federal Bureau of Investigation came forward regarding the issue last March 2019. The Federal Bureau of Investigation also informed the publisher and software maker regarding the breach in the same month.
Fast Company discloses that the hacking incident happened late last year, around November 2018. Despite conducting a series of investigations, authorities still don’t know the identity of the hacker or the hacking group involved.
Massive Hacking Incident
In one school district, the Wall Street Journal reveals that 114,000 student data became compromised, relays Fast Company. This number alone accounts for school years ranging from 2001 to 2016. In another district, the news sites report that only 500 student accounts have been mined.
In total, the affected numbers include university AIMSweb1.0 and school accounts, says Fast Company. The breach mined sensitive information of users, including first and last names, dates of birth, and email addresses. Individuals largely affected by the breach include students from the United States.
The breach, which compromised thousands of student accounts, stemmed from a vulnerability in the Pearson system, notes EdScoop. The vulnerable system links back to Pearson’s AIMSweb 1.0 system. This AIMSweb 1.0 system handles and monitors the performance of students while using the software.
While the publisher already addressed the system vulnerability, the company decided to stop the current system run. However, the British publisher claims that the decision did not arise from their embroilment in the breach.
While student data remain compromised, reports reveal that Social Security numbers and other financial information were not misused. Scott Overland said that “Pearson was not the primary or intended target of this data breach.” Overland is the British company’s director of media relations.
Actions Taken by the Company
Overland said that “Protecting our customers’ information is of critical importance to us.” He shares that although “we have no evidence that this information has been misused,” they alerted individuals “as a precaution.”
In a statement to Komando, Overland said that have “strict data protection in place.” This allowed them to fix the vulnerability straightaway.
In line with this unfortunate cybersecurity attack, Pearson immediately notified affected individuals and apologized for the incident. Following this, the British company also offered affected students and individuals complimentary credit monitoring services.