News View All News »

Pearson AIMSweb Security Incident

Thursday, August 29, 2019 -

Yesterday afternoon, the Central New York Regional Information Center (CNYRIC) notified the Liverpool Central School District of a data security incident involving the unauthorized access of personally identifiable information of students across the country, including Liverpool.

This incident, which took place in November 2018, involves the AIMSweb 1.0 Assessment System utilized by the district and provided by third-party software developer Pearson Clinical Assessment (Pearson). The district accesses the Pearson software through CNYRIC.

The personally identifiable information affected by the incident includes students’ first and last names, dates of birth, school names and student id numbers. According to Pearson, assessment information and grades were not disclosed, and Social Security numbers were not included in the data that was accessed.

Due to CNYRIC being the contract holder, Pearson did not accurately respond to the district’s independent inquiries regarding the data security incident and separately released data to CNYRIC on August 26. The district was informed of this incident on August 28.

It is important to note that the Liverpool Central School District itself did not experience a cyberattack, security breach or data breach.

The district will send letters to families who may be impacted by this data security incident. While it is our understanding that there is no evidence of the information being misused, Pearson is offering complimentary credit monitoring to affected individuals. Details regarding the offer will be included in the letter.

We know that data security incidents are concerning to our parents and guardians, and we have received assurances that Pearson has taken the necessary steps to mitigate the incident and enhance its protections to guard against similar events.

Sincerely,

Dr. Mark F. Potter
Superintendent of Schools

View All News »