Some Cayuga County-area schools reported being among the thousands of institutions whose student and staff data was exposed by a breach in an education assessment platform.
Pearson Clinical Assessment was hit by a hack on its AIMSweb platform in November 2018. Central New York districts were informed they were affected by the breach earlier this week.
According to a news release from the Central New York Regional Information Center included on a page from the Moravia Central School District's website addressing their student and staff data getting breached, the information center "contacted Pearson and the affected school districts in the region" to determine the extent of the breach once it learned of the incident. The center also said it met with area school superintendents Thursday about the incident.
Moravia said their compromised information was last names, student ID numbers and email addresses, adding that the district will contact each individual person affected.
The Weedsport Central School District said in a news release it was one of 13,000 educational institutions hit, and the breach "potentially affected students’ first and last names, dates of birth, student identification numbers, the name of the school, and the name of the district." The Weedsport district said that while Pearson doesn't have evidence of the information being misused, afflicted schools were informed as a precaution.
“It’s unfortunate that one of our vendors was the victim of such a breach, and we will fulfill our responsibilities by contacting our families and staff members," district Superintendent Shaun O'Connor said in the news release.
District staff who oversee student data will go through a review of the district's internal controls to guard student's educational records, as an extra measure, the news release said. Weedsport said Pearson assured the school district that it has "taken the necessary steps to mitigate the incident and is enhancing protections to guard against similar events."
Port Byron Central School District Superintendent Neil O'Brien said in a weekly district newsletter Friday that student names and birth dates were exposed.
"While any data breach is disconcerting, I am thankful it was limited to information that is available in public records. The breach did not target any current testing we do, but rather focused on an assessment that we used several years back. Some of those students have since graduated. We will send out a letter to those affected with further information on the breach," O'Brien said.
Get local news delivered to your inbox!
Subscribe to our Daily Headlines newsletter.