Cyber Attack cyber

Pearson

May 9, 2025 1 min read
Pearson

Pearson, an education services giant, recently suffered a cyberattack in January 2025. Hackers obtained access to the company's development environment using an exposed GitLab Personal Access token found in a public .git/config file. The attackers exploited this access to find more login credentials hardcoded in the source code, infiltrating the company’s network and stealing corporate and customer information. Pearson confirmed the breach but downplayed its significance, stating that the stolen data was largely 'legacy data'. The company did not specify the extent of the data breach or the number of affected individuals. However, it was confirmed that no employee information was compromised. Pearson has taken steps to enhance security monitoring and authentication, and is supporting law enforcement's investigation.

Source: https://www.techradar.com/pro/security/textbook-and-testing-giant-pearson-hit-by-cyberattack-customer-data-leaked

"id": "pea908050925",
"linkid": "pearson",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.