D300 was recently notified by a third party contractor of a data breach that occurred in November 2018 involving the Pearson AIMSweb 1.0 platform. This product allowed D300 staff to assess and monitor student achievement. The AIMSweb platform was discontinued by D300 in 2014. The breach included both staff and student data.

Pearson reports that it has launched a review, which included outside cybersecurity experts and law enforcement officials, to determine the nature and extent of the data breach. At this time, a specific date range for this breach is not known and there is no evidence that the data has been used in any manner. The identity of the breaching party remains unknown.

According to Pearson, the student data affected is limited to first and last name, and in some instances, date of birth and email address. No educational records were included in the data security incident, nor was any assessment information released. Additionally, the breach included information regarding School District 300 administrators, but is believed to be limited to first and last name, job title, work email and work address.

Importantly, the AIMSweb 1.0 platform does not contain Social Security numbers, credit card data, or other financial information. All of the information affected by the breach is subject to disclosure under the Freedom of Information Act, and the student information is classified as “directory information” under the federal Family Educational Rights and Privacy Act (FERPA) and the Illinois School Student Records Act.

As a result of the incident, Pearson is undergoing a review to determine additional steps it needs to take to further enhance the safety and security of personal information to help prevent recurrences. In addition, Pearson is offering complimentary credit monitoring services from Experian for affected individuals as a precautionary measure.

If you are one of those affected individuals or represent an affected minor and choose to redeem this offer, you may activate your membership and start monitoring your or your minor’s personal information by following the steps below:

• Ensure that you enroll by: January 31, 2020 (Your code will not work after this date.)
  
  
• Visit the Experian IdentityWorks website to enroll and provide your activation code:   
  
  
• If you are enrolling for an Adult: https://www.experianidworks.com/credit
• Provide your activation code:  PF7N9N97G
  
  
• If you are enrolling for a minor: https://www.experianidworks.com/minorplus
• Provide your activation code:  4GCYX5C69
  
  
• If you are redeeming this for a minor, provide your minor’s information when prompted

Experian offers the following features once you enroll in Experian IdentityWorks for yourself or your minor:

• Identity Restoration: Identity Restoration agents are immediately available to help you address credit and non-credit related fraud.
  
  
• Experian IdentityWorks ExtendCARE:  You receive the same high-level of Identity Restoration support even after your Experian IdentityWorks membership has expired.
  
  
• Up to $1 Million Identity Theft Insurance**:  Provides coverage for certain costs and unauthorized electronic fund transfers.

The following additional features are also available:

For adults:

• Experian credit report at signup: See what information is associated with your credit file.  Daily credit reports are available for online members only.*
  
  
• Credit Monitoring: Actively monitors Experian file for indicators of fraud.

For minors:

• Social Security Number Trace: Monitoring to determine whether enrolled minors in your household have an Experian credit report.  Alerts of all names, aliases and addresses that become associated with your minor’s Social Security Number (SSN) on the Experian credit report.
  
  
• Internet Surveillance: Technology searches the web, chat rooms & bulletin boards 24/7 to identify trading or selling of your personal information on the Dark Web.

For more information, families can contact Pearson at (866) 883-3309 or aimsweb1request@pearson.com.