" /> Student Data Exposed | Pearson | Pittsburgh Cybersecurity Services

Students’ Data Exposed by Pearson Hack

In the same week that Capital One disclosed a data breach that affected more than 100 million individuals, London-based Pearson PLC announced a warning of its own. According to an article in the Wall Street Journal, a breach at the educational software giant affected more than 13,000 school district and university accounts, meaning that millions of records might be involved.

The breach initially occurred in November 2018, but Pearson only learned about it in March 2019 when they were informed by the FBI, meaning the violation went undetected for about five months. The WSJ article noted that Pearson has been increasing its focus on digital services lately, and that data theft is often an unintended consequence of educational companies shifting to digital products. Details surrounding how and who performed the attack are still unknown. What we do know is that this delay in breach notification might cause serious ramifications with the EU’s General Data Protection Rule (GDPR), which requires organizations to notify affected parties within 72 hours of identification of a breach.

Information accessed contains names, dates of birth and email addresses. The company believes that student data was not misused and that Social Security numbers and other financial information were not accessed. While Pearson is offering the standard complimentary credit monitoring services to affected victims, we’re also recommending consumers take advantage of free “security freeze” services.

As a current college student, this breach is particularly concerning, considering its potential affect on my information. After all, this isn’t a failure on students’ part, but the failed responsibility of a third party used by many educational institutions. Furthermore, increased dependency on such third parties is causing organizations everywhere to struggle to gain assurance that their data is secure.

To identify serious issues like these sooner, more preventative measures need to be put in place. Therefore, regular security audits and penetration tests of all assets, including cloud infrastructure, are highly recommended. If all or part of your business relies on a third party, do you have the proper oversight to ensure that your and your clients’ data is safe? For help with oversight, risk mitigation, risk assessment and cybersecurity services, reach out to us at 412-261-3644 or contactsd@schneiderdowns.com.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2019 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on

Russian Hackers Indicted in Pittsburgh
Cybersecurity BY Sara Hudak
Six Cybersecurity Tips for the Holiday Shopping Season
Recertification of PA Act 153 Clearances
Louisiana Issues Filing Extension After Ransomware Attack
Conducting an ERM Evaluation
Operation Varsity Blues and Internal Audit

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102