Education Giant Pearson Hit By Cyberattack Exposing Customer Data (bleepingcomputer.com) 7
An anonymous reader quotes a report from BleepingComputer: Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. Pearson is a UK-based education company and one of the world's largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its print and online services. In a statement to BleepingComputer, Pearson confirmed they suffered a cyberattack and that data was stolen, but stated it was mostly "legacy data."
"We recently discovered that an unauthorized actor gained access to a portion of our systems," a Pearson representative confirmed to BleepingComputer. "Once we identified the activity, we took steps to stop it and investigate what happened and what data was affected with forensics experts. We also supported law enforcement's investigation. We have taken steps to deploy additional safeguards onto our systems, including enhancing security monitoring and authentication. We are continuing to investigate, but at this time we believe the actor downloaded largely legacy data. We will be sharing additional information directly with customers and partners as appropriate." Pearson also confirmed that the stolen data did not include employee information. The education company previously disclosed in January that they were investigating a breach of one of their subsidiaries, PDRI, which is believed to be related to this attack.
BleepingComputer also notes that threat actors breached Pearson's developer environment in January 2025 using an exposed GitLab access token, gaining access to source code and hard-coded credentials. Terabytes of sensitive data was stolen from cloud platforms and internal systems.
Despite the potential impact on millions of individuals, Pearson has declined to answer key questions about the breach or its response.
"We recently discovered that an unauthorized actor gained access to a portion of our systems," a Pearson representative confirmed to BleepingComputer. "Once we identified the activity, we took steps to stop it and investigate what happened and what data was affected with forensics experts. We also supported law enforcement's investigation. We have taken steps to deploy additional safeguards onto our systems, including enhancing security monitoring and authentication. We are continuing to investigate, but at this time we believe the actor downloaded largely legacy data. We will be sharing additional information directly with customers and partners as appropriate." Pearson also confirmed that the stolen data did not include employee information. The education company previously disclosed in January that they were investigating a breach of one of their subsidiaries, PDRI, which is believed to be related to this attack.
BleepingComputer also notes that threat actors breached Pearson's developer environment in January 2025 using an exposed GitLab access token, gaining access to source code and hard-coded credentials. Terabytes of sensitive data was stolen from cloud platforms and internal systems.
Despite the potential impact on millions of individuals, Pearson has declined to answer key questions about the breach or its response.
What is legacy data? (Score:3)
Re: (Score:2)
Re: (Score:2)
Pearson is more than K-12. Both my Journeyman and Master tests were administered by them.
Jail time... (Score:2)
Re: (Score:2)
That's right, thieves got away with data, throw the victim in jail! Great tactic.
Ferpa violation (Score:1)
Storing hard-coded credentials in the Cloud (Score:2)