August 14, 2019–10:05 p.m.
A contractor formerly used by Floyd County Schools (FCS) has notified FCS that it has experienced a data security incident. An older version of Pearson Clinical Assessment’s program—AIMSweb—is involved in the incident.
Students’ first and last names were accessed. In some of the cases, birthdates were also exposed during this incident. A small number of staff members’ names and email addresses were also exposed. Further identifying information was not revealed and has not been compromised.
“This incident impacts 5,900 students enrolled at FCS and 500 FCS employees who were AIMSWeb users between 2008 and 2015. The information Pearson reported was involved was limited to basic directory information,” said FCS Executive Director of Technology Craig Ellison. “Regardless of how limited in nature the data was, this is not acceptable by FCS standards of security. Although this happened via a former data contractor, we want to ensure all of our stakeholders that we take data security seriously whether in-house or with a data contractor.”
Pearson is offering access to credit monitoring services for any individual who believes they may be impacted. For a list of questions and answers, letters to families, and resources for credit monitoring, please visit https://www.floydboe.net/Page/
“This is a third-party data incident that did not occur on FCS’ servers. Please reference the links Pearson provided for more details,” Ellison continued. “Because the data is old and not specific enough, it would be very difficult to determine who exactly has been impacted. After reviewing Georgia Code with our legal advisor, we determined we would use mass communication, such as print media and our website, to notify as many stakeholders as possible.”
Floyd County Schools has been and will continue working with Pearson to ensure that data in their possession has been appropriately secured and is appropriately deleted when it no longer serves any purpose in supporting the education of our students.