Pearson Failed to Protect Students’ Personal Information from Data Breach, Class Action Claims
George D. v. Pearson, plc et al.
Filed: October 30, 2019 ◆§ 0:19-cv-02814
Pearson is facing a class action that claims the company failed to take adequate steps to prevent, detect and respond to a breach of its AIMSweb online student progress monitoring system.
Pearson, plc, which does business as Pearson Clinical Assessments, and NCS Pearson, Inc., are named in a proposed class action lawsuit that claims the companies failed to secure students’ data from a security breach.
According to the case, the defendants’ AIMSweb online student progress monitoring system was hacked in November 2018, compromising the accounts of over 13,000 schools. The breach allegedly exposed to unauthorized parties the names, dates of birth, email addresses and other personally identifiable information (PII) of thousands of students. Pearson was notified of the hack by the FBI in March 2019, yet failed to take adequate steps to rectify the damage caused by the breach, according to the case.
Despite Pearson’s claim that “[p]rotecting our customer’s [sic] information is of critical importance to us,” the lawsuit argues that the defendants neglected to offer credit monitoring to those affected by the breach until four months after being made aware of the incident. Furthermore, the complaint states that in spite of the defendants’ stated concern, Pearson never directly informed affected parties of the breach. From the case:
“What’s more, Pearson did not bother to notify students or parents directly, but rather left that sordid task to the various schools and school districts, again, belying their ‘critical’ concern that the overall risks inherent with the additional passage of time.”
According to the complaint, Pearson “systemically failed to provide adequate security” for PII on AIMSweb by neglecting to implement industry standard cybersecurity protocols. The case contends that students have been put at an “imminent, immediate, and continuing risk of harm” as a result of Pearson’s negligence and requests the defendants take additional steps to secure personal information in the future. In particular, the suit demands that Pearson ensure that “the storage of data or documents containing personal and financial information is not accessible online, and that access to such data is password-protected.”
The lawsuit seeks an injunction requiring the defendants to send individualized notices of the breach to those affected and pay for three years’ worth of credit monitoring for proposed class members.
Video Game Addiction Lawsuits
If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.
Learn more:Video Game Addiction Lawsuit
Depo-Provera Lawsuits
Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.
Read more: Depo-Provera Lawsuit
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.