Textbook and testing giant Pearson hit by cyberattack, customer data leaked

Pearson has confirmed recently suffering a cyberattack
The company claims hackers obtained “legacy data”
No threat actors claimed responsibility yet

Education services giant Pearson has confirmed suffering a cyberattack and losing customer data, but has played down the importance of the breach, suggesting the stolen data was outdated anyway.

BleepingComputer was tipped off that someone used an exposed GitLab Personal Access token to compromise Pearson’s development environment in January 2025.

The token was found in a public .git/config file, with the attackers using this access to find even more login credentials, hardcoded in the source code, which they then used to infiltrate the company’s network and steal corporate and customer information.

You may like

Chinese threat

Pearson later confirmed the news in a statement given to BleepingComputer:

“We recently discovered that an unauthorized actor gained access to a portion of our systems,” the statement said.

“Once we identified the activity, we took steps to stop it and investigate what happened and what data was affected with forensics experts. We also supported law enforcement’s investigation. We have taken steps to deploy additional safeguards onto our systems, including enhancing security monitoring and authentication.”

Then, the company hinted that the data might not be as valuable: “We are continuing to investigate, but at this time we believe the actor downloaded largely legacy data. We will be sharing additional information directly with customers and partners as appropriate.”

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

There was no employee information among the stolen files, it was confirmed. Pearson did not want to say how many people were affected by the incident, or what kind of information was exposed in this “legacy data”.

Unfortunately, leaving sensitive information in Git projects configuration files is nothing new, and criminals know it. In a recent analysis published by security pros GreyNoise, it was said that cybercriminals have ramped up their scanning for exposed Git configuration files, as they hunted for vulnerable organizations in Singapore.

You might also like

https://cdn.mos.cms.futurecdn.net/sFmKPA9XY64GFiyAypGZAH.jpg

Source link

A central Microsoft Russian unit files for bankruptcy

I asked ChatGPT to draw a bird a year ago, then did the same thing today. You won’t believe the difference!

Apple’s WWDC 2025 keynote may be an AI ‘letdown’, but there are 4 Apple Intelligence projects it’s working on that you should be excited...

Anker’s new ultra-tough Bluetooth speaker has safety features for going really off-grid, and a self-cleaning trick borrowed from the Apple Watch

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

Classover secures $500 million for Solana treasury strategy

Trump plans to offload national park sites, but states don’t want them

Applied Digital shares surge on new AI data center lease with CoreWeave

How new college graduates should expand their professional networks, according to a LinkedIn career expert

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Textbook and testing giant Pearson hit by cyberattack, customer data leaked

A central Microsoft Russian unit files for bankruptcy

Classover secures $500 million for Solana treasury strategy

Trump plans to offload national park sites, but states don’t want them

Applied Digital shares surge on new AI data center lease with CoreWeave

Leave a reply Cancel reply