[BreachExchange] Education software maker Pearson says data breach affected thousands of accounts in the U.S.

Destry Winant destry at riskbasedsecurity.com
Thu Aug 1 10:15:37 EDT 2019


Pearson, the London-based educational software maker, said today that
thousands of school and university accounts, mostly in the United
States, were affected by a data breach. The company added that it has
notified affected users already and that the vulnerability has been

The Wall Street Journal reports that the data breach happened in
November 2018 and Pearson was notified by the Federal Bureau of
Investigation in March. The perpetrator is still unknown.

According to Pearson,  unauthorized access was gained to 13,000 school
and university accounts on AIMSweb, the company’s student monitoring
and assessment platform. The data exposed included first and last
names and, in some cases, date of birth and email addresses. Each
account could potentially include information about thousands of

Pearson added that it has no evidence that any of the exposed
information was misused. It will offer free credit monitoring services
to affected users as a “precautionary measure.”

News of Pearson’s data breach comes the same week that Capital One
disclosed a massive cyber attack that exposed sensitive information
for about 100 million people in the U.S. and 6 million in Canada.

More information about the BreachExchange mailing list