The West Genesee School District was recently informed by a third-party provider of an online student assessment tool used by the District that a data security incident occurred that involved the unauthorized access of personally identifiable information about West Genesee students. This data breach has reportedly impacted more than 13,000 schools and colleges across the country.
AIMSweb 1.0 is a student monitoring tool provided by Pearson Clinical Assessment (Pearson) and used by many school districts and colleges, both locally and nationally. Pearson believes the AIMSweb 1.0 breach occurred in or around November 2018 and potentially affected students’ first and last names, dates of birth and email addresses. The District stopped using AIMSWeb in 2016.
At present, the District is working with Pearson representatives to identify which students may be affected and for which school years. Personalized letters are being prepared for any student whose data was compromised and will be mailed within 2-3 business days.
West Genesee only used AIMSweb 1.0 for grades K-8.
According to Pearson, assessment information and grades were not disclosed. Additionally, West Genesee does not collect student Social Security numbers, therefore they could not have been included in the data accessed. Data for AIMSweb account administrators was also accessed and may include first and last names, job titles, work email and work address.
“In an era when we are dependent on technology in our homes, offices, and schools, it is frustrating when we face new challenges that question its efficacy relative to security and privacy. We continue to bolster our firewalls and internal infrastructure while concurrently working with the CNY Regional Information Center, our conduit to the former provider, Pearson” Superintendent David C. Bills said.
District instructional technology staff overseeing West Genesee student data are reviewing internal controls that are currently in place to protect children’s educational records.
Pearson has assured the CNY Regional Information Center that it has taken the necessary steps to mitigate the incident and is enhancing protections to guard against similar events.
While it is the District’s understanding that there is no evidence that the information described above has been misused, Pearson is offering complimentary credit monitoring from Experian (a national credit monitoring company) for one year for affected individuals as a precautionary measure. To contact Experian, please call 866-883-3309.