A security breach of an online educational data platform has involved thousands of schools nationally, including the Rome school district among them.
Rome district data from the 2013-14 academic year was accessed by unauthorized users who breached databases of Pearson Education, Inc., which provided the district with the AIMSweb student assessment tool platform, said district Superintendent Peter C. Blake.
"Your student's name, date of birth, school and school district of attendance were in the set of information accessed during this breach," Blake said in an Aug. 15 letter to parents and guardians. He noted "the AIMSweb 1.0 platform was recently accessed by unauthorized users," and also said "we believe that your child's information was among the information accessed...."
Blake additionally said "we understand that numerous school districts have been impacted by the breach, in several states across the country." The Rome district no longer uses the AIMSweb 1.0 platform, he observed.
The Pearson company "has assured the district that it has taken the necessary steps to mitigate the incident and is enhancing protections on its products to protect against similar events in the future," Blake's letter said. "Although we are unaware that the information unlawfully accessed has been misused in any manner, Pearson has indicated it will be offering complimentary credit monitoring from Experian for one year for affected individuals, as a precautionary measure."
Among other online reports, techcrunch.com cited a Wall Street Journal report that the data breach occurred last November, and that the Pearson company was notified by the FBI in March. Techcrunch.com said Pearson, a London-based educational software maker, indicated that thousands of school and university accounts mostly in the U.S. were affected by the breach. Pearson announced the data breach at the end of July.
Blake also said parents and guardians can get more information on the matter by contacting Pearson at 866-883-3309 or firstname.lastname@example.org.
Information on other local school districts that may have been affected by the breach was not immediately available.
Overall, about 13,000 educational institutions' AIMSweb accounts were breached by an unknown individual, according to several online reports including idtheftcenter.org. It was among reports indicating that in some of the institutions' cases, students' email addresses also were exposed.
The idtheftcenter.org report, noting the free credit monitoring offered through Pearson, said "in the event of any data breach in which any of your information may have been accessed, you need to take advantage of whatever protection the company is providing."
The report added "even if the stolen records do not contain highly sensitive material, this kind of service helps safeguard your information in the event a hacker is able to connect the dots between different data breaches and form a more complete picture of your identity."
Some online reports including mashable.com estimated that the breach exposed data on at least 100,000 students overall, from among the approximately 13,000 schools and universities affected.