Pearson Is Everywhere: MN Tests Get Hacked Edition

Pearson: Always Earning

Pearson: Always Earning

Welcome back to Pearson Is Everywhere!

Last time, we saw that Over 175k Opted Out of Pearson PARCC in NY.

 

Today, we’re looking at Minnesota’s tests being hacked, causing the testing to be temporarily canceled.  The attack was a DDoS (denial of service) attack.


Background
According to Ed Week, even their practice runs had issues. Technical ‘glitches’ with browser compatibility seriously hampered the practice runs. Pearson’s answer was to direct the browsers to turn off security measure and run them in “unsafe mode”:

Issues have been reported most often by districts equipped with Apple computers, due to incompatibilities between Pearson’s testing portal and the device’s standard web browser, Safari.

Updated versions of Safari (on OS X 10.7 or higher) will not support the Java and Flash software necessary to run TestNav unless the browser is operated in what is called “unsafe mode.” 

Brandon Pinette, the senior public affairs manager at Pearson, told Education Week that the company is working with Apple to resolve the matter.

In the meantime, he said that districts can download a Web browswer that is compatible with TestNav, such as Google Chrome, or access the website using Safari’s “unsafe mode.”

Some district leaders have expressed concerns about what the latter recommendation could mean for protecting student data.

Minnesota has a $38 million dollar three-year contract with Pearson.


KARE11 reported on the DDoS attack:

ROSEVILLE, Minn. – Minnesota student testing has been suspended again after what is believed to be a sophisticated hacking attempt.

The state Department of Education said Wednesday it was temporarily halting the computerized Minnesota Comprehensive Assessments that test science proficiency. Testing was also disrupted last month over security and connectivity concerns.

[…]

Pearson released this statement late Wednesday afternoon:

From time to time, online testing providers like Pearson encounter malicious third-party attempts to disrupt their systems. This can lead to a degradation in service that slows system responsiveness, which could affect a student’s ability to start or continue testing.

Pearson has experienced intermittent disruptions today due to a distributed denial-of-service (DDoS) attack. A DDoS attack is a deliberate attempt by an outside party to overload and slow down system traffic.

We have worked throughout the day to mitigate these attacks, minimize the disruptions and return service to normal. We are actively working to strengthen our defenses to fend off these attacks.

DDoS attacks are not attempts to access student data, and at no time was student data compromised. We understand this caused difficulties today for learners and we apologize for any inconvenience.

Pearson has been DDos’d many times in the past; just last year Pearson VUE was apparently down for 5 days:

In the blizzard of paper from my FOIA to NC DPI on Powerschool, a DDoS attack on Pearson was revealed. This attack affected ALL schools in North Carolina using Powerschool.

The press release crafted for NC DPI by Greg Parrish of Pearson softens the original message he sent regarding the attack. Both of these emails are documented in my tweets below:

Advertisements

About A.P. Dillon

A.P. Dillon is a Co-Founder and Managing Editor at American Lens. She resides in the Triangle area of North Carolina and is the founder of LadyLiberty1885.com. Her past writing can also be found at IJ review, Breitbart, FOX news, Da Tech Guy Blog, Heartland Institute, Civitas Institute and StopCommonCoreNC.org. Find her on Twitter: @APDillon_
This entry was posted in Education, LadyLiberty1885, NC DPI, Testing, The Articles and tagged , , , , , . Bookmark the permalink.