Major UK multinational education services provider Pearson had mostly legacy corporate and customer information stolen following a cyberattack, BleepingComputer reports.
More robust security monitoring and authentication mechanisms have already been implemented amid an ongoing investigation into the incident, which has been confirmed not to have impacted employee data, according to a Pearson spokesperson. "We will be sharing additional information directly with customers and partners as appropriate," said the spokesperson. Additional details regarding the incident remain lacking, but the disclosure comes after Pearson was reported by sources to have had its developer compromised through an exposed GitLab Personal Access Token in January. Attackers were noted to have leveraged the token to infiltrate Pearson's source code and obtain hard-coded credentials, which were later used to pilfer troves of internal network and cloud infrastructure data. Pearson's acknowledgment of an attack against its subsidiary PDRI in January is also thought to be related to the intrusion.



