Education giant Pearson hit by cyberattack exposing customer data

Pearson, a major education company, suffered a cyberattack resulting in the theft of primarily legacy data, including customer information and source code. The company is actively investigating the incident, enhancing security measures, and has confirmed that employee data was not compromised. (Affected: Pearson and its customers)

Key points:

  • Pearson experienced a cyberattack that led to data theft, mostly involving legacy data.
  • The breach stemmed from an exposed GitLab Personal Access Token, allowing access to source code and credentials.
  • Threat actors used stolen credentials over months to extract terabytes of data from cloud services like AWS and Google Cloud.
  • The stolen data includes customer information, financial data, support tickets, and source code, impacting millions.
  • Pearson confirmed the breach did not involve employee information and is investigating further.
  • The company has taken steps to improve security, including enhanced monitoring and authentication protocols.
  • Security experts emphasize the importance of securing Git configuration files to prevent similar breaches.
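
The last key point can be turned into a routine check. The following is an added example, not code from the article or from Pearson: it scans the text of a `.git/config` file for GitLab personal access tokens and for passwords embedded in remote URLs. The sample config, host names and token values are constructed, and the pattern assumes GitLab's default `glpat-` token prefix.

```python
import re
from urllib.parse import urlsplit

# Assumption: tokens use GitLab's default "glpat-" prefix.
GLPAT = re.compile(r"glpat-[0-9A-Za-z_\-]{20,}")

# Constructed sample .git/config; hosts, users and tokens are made up.
SAMPLE_CONFIG = """\
[core]
	repositoryformatversion = 0
[remote "origin"]
	url = https://deploy-bot:glpat-EXAMPLEexample1234567@gitlab.example.com/team/app.git
	fetch = +refs/heads/*:refs/remotes/origin/*
[remote "mirror"]
	url = git@gitlab.example.com:team/app.git
[remote "legacy"]
	url = https://ci-user:constructed-password@git.example.com/team/tools.git
[http]
	extraHeader = PRIVATE-TOKEN: glpat-EXAMPLEexample7654321
"""

def find_git_config_secrets(text):
    """Return (section, key, reason) for each setting that carries a credential."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                      # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]          # e.g. remote "origin"
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        key, value = key.strip().lower(), value.strip()
        if GLPAT.search(value):
            findings.append((section, key, "gitlab-pat"))
        elif "://" in value and urlsplit(value).password:
            findings.append((section, key, "password-in-url"))
    return findings

if __name__ == "__main__":
    # Report only the location and reason, never the secret itself.
    for section, key, reason in find_git_config_secrets(SAMPLE_CONFIG):
        print(f"[{section}] {key}: {reason}")
```

Any finding means the credential should be revoked and rotated, not just removed from the file, since the config may already have been copied or served.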

Read More: https://www.bleepingcomputer.com/news/security/education-giant-pearson-hit-by-cyberattack-exposing-customer-data/