Groton Central School District hit with data breach
- Groton schools contract with Pearson Education through BOCES, therefore, Pearson preferred to leave it to the individual districts and/or BOCES to notify those impacted.
- The exposed information includes students’ personal information such as names, dates of birth, email addresses, and student ID numbers.
Groton Central School District has been hit with a data breach incident caused by a third-party vendor, Pearson.
What we know so far
Pearson experienced a data security incident involving an older version of the Pearson Clinical Assessment's program, AIMSweb that was accessed by an unauthorized third party in November 2018. This incident has impacted nearly 13,000 schools and universities.
Margo Martin, the district’s Superintendent said that they did not know that they were one of the compromised schools as they do not directly contract with Pearson Education.
- In addition to not directly contracting with Pearson Education, Groton Central School District’s data is housed in Central New York Regional Information Center (CNYRIC).
- Groton schools contract with Pearson Education through Boards of Cooperative Educational Services (BOCES), therefore, Pearson preferred to leave it to the individual districts and/or BOCES to notify those impacted.
“We are all in this region – 50 districts in this region – part of the [Central New York Regional Information Center] … and the way BOCES is structured, we go through them, they actually go through Erie 1 BOCES for this type of contract. Pearson was not willing to give it to the individual districts because they didn’t have a contract with us, they had a contract with CNYRIC,” Martin said.
What was exposed?
Almost 846 Groton school students had their personal information such as names, dates of birth, email addresses, and student ID numbers exposed during the security breach.
The Groton Central School District has taken the necessary steps to mitigate the exposure of the data and avoid such incidents from happening in the future.
- This includes implementing a new firewall installed by CNYRIC; and
- Conducting professional training courses on email phishing.
Apart from these, Pearson Education is providing one-year free credit monitoring services for all the impacted students.