Pearson, the London-based educational software maker, said today that thousands of school and university accounts, mostly in the United States, were affected by a data breach. The company added that it has notified affected users already and that the vulnerability has been fixed.
The Wall Street Journal reports that the data breach happened in November 2018 and Pearson was notified by the Federal Bureau of Investigation in March. The perpetrator is still unknown.
According to Pearson, unauthorized access was gained to 13,000 school and university accounts on AIMSweb, the company’s student monitoring and assessment platform. The data exposed included first and last names and, in some cases, date of birth and email addresses. Each account could potentially include information about thousands of students.
Pearson added that it has no evidence that any of the exposed information was misused. It will offer free credit monitoring services to affected users as a “precautionary measure.”
News of Pearson’s data breach comes the same week that Capital One disclosed a massive cyberattack that exposed sensitive information for about 100 million people in the U.S. and 6 million in Canada.