District one of 13,000 institutions affected by data incident

The Weedsport Central School District was recently informed by Pearson Clinical Assessment (Pearson) that a data security incident occurred which involved the unauthorized access of personally identifiable information about Weedsport students.

Pearson provides the student assessment software AIMSweb 1.0 to numerous districts and colleges, both locally and nationally. The company believes about 13,000 educational institutions were affected by an AIMSweb 1.0 breach that occurred in or around November 2018. The district was provided the specifics regarding the breach on Aug. 29 which potentially affected students’ first and last names, dates of birth, student identification numbers, the name of the school, and the name of the district.

The company stated that while it has no evidence that the information has been misused, they notified the affected schools as a precaution.

The district will be informing the families affected by the breach through a letter home. The district will be working on that mailing the week of Sept. 3.

Assessment information and grades were not disclosed, and Social Security numbers were not included in the data accessed, according to Pearson. Data for AIMSweb account administrators was also accessed and included first and last names, job titles, work email, user identification number, and school/district name.

“We know this is a very serious situation for parents and we are treating it as such. We are working in conjunction with the Central New York Regional Information Center (CNYRIC), through which we access the Pearson software,” said Superintendent Shaun O’Connor.

“It’s unfortunate that one of our vendors was the victim of such a breach, and we will fulfill our responsibilities by contacting our families and staff members.”

As an added measure, district staff overseeing Weedsport student data will undergo a review of the district’s internal controls to protect children’s educational records. Pearson has assured the district that it has taken the necessary steps to mitigate the incident and is enhancing protections to guard against similar events.

For more information, please contact CNYRIC at (315) 433-8300.