The education technology firm Edtech, was acquired by Thinkful in 2019 for $80 million. The California-based company made its name as hub for rentals of college textbooks.
New about a new data breach hitting the company has been reported by TechCrunch. The company is undertaking responsive measures, such as requiring users to change their passwords.
The firm is reporting that hackers have stolen 700 current and former employee records, including their names and U.S. Social Security numbers. This follows on from previous data breaches that occurred in 2018 and 2019.
Commenting on this issue for Digital Journal, Scott Gordon, CISSP from secure access provider Pulse Secure notes that the attack is another sign of the serious threats facing education during the COVID-19 pandemic.
Gordon explains: “The education sector is particularly vulnerable during social distancing since they need to adjust operations for over 25 million students across 4,235 higher education institutions in the United States that have been impacted by COVID-19.”
As to what this type of data breach signals for the educational technology sector overall, Gordon surmises: “Security controls across the edtech supply chain need to adapt to an expanded attack surface as institutions will extend e-learning scope options and be targeted. This also applies to their edtech suppliers, like Chegg, that will face similar threats.”
It stands that companies operating in this sector should be assiduously mapping out their organizational capabilities and security controls, in order to measure their preparedness to detect, prevent and respond to threats in significant detail.
As a word of warning for this burgeoning sector of the new tech economy, Gordon states: “As edtech companies expand their business through acquisition, like the consolidation occurring in the healthcare industry, they must be more vigilant on security posture assessment, on Zero Trust policies adherence and on data protection obligations.”
