Pearson Is Everywhere: MN Tests Get Hacked Edition

Pearson: Always Earning

Pearson: Always Earning

Welcome back to Pearson Is Everywhere!

Last time, we saw that Over 175k Opted Out of Pearson PARCC in NY.


Today, we’re looking at Minnesota’s tests being hacked, causing the testing to be temporarily canceled.  The attack was a DDoS (denial of service) attack.

According to Ed Week, even their practice runs had issues. Technical ‘glitches’ with browser compatibility seriously hampered the practice runs. Pearson’s answer was to direct the browsers to turn off security measure and run them in “unsafe mode”:

Issues have been reported most often by districts equipped with Apple computers, due to incompatibilities between Pearson’s testing portal and the device’s standard web browser, Safari.

Updated versions of Safari (on OS X 10.7 or higher) will not support the Java and Flash software necessary to run TestNav unless the browser is operated in what is called “unsafe mode.” 

Brandon Pinette, the senior public affairs manager at Pearson, told Education Week that the company is working with Apple to resolve the matter.

In the meantime, he said that districts can download a Web browswer that is compatible with TestNav, such as Google Chrome, or access the website using Safari’s “unsafe mode.”

Some district leaders have expressed concerns about what the latter recommendation could mean for protecting student data.

Minnesota has a $38 million dollar three-year contract with Pearson.

KARE11 reported on the DDoS attack:

ROSEVILLE, Minn. – Minnesota student testing has been suspended again after what is believed to be a sophisticated hacking attempt.

The state Department of Education said Wednesday it was temporarily halting the computerized Minnesota Comprehensive Assessments that test science proficiency. Testing was also disrupted last month over security and connectivity concerns.


Pearson released this statement late Wednesday afternoon:

From time to time, online testing providers like Pearson encounter malicious third-party attempts to disrupt their systems. This can lead to a degradation in service that slows system responsiveness, which could affect a student’s ability to start or continue testing.

Pearson has experienced intermittent disruptions today due to a distributed denial-of-service (DDoS) attack. A DDoS attack is a deliberate attempt by an outside party to overload and slow down system traffic.

We have worked throughout the day to mitigate these attacks, minimize the disruptions and return service to normal. We are actively working to strengthen our defenses to fend off these attacks.

DDoS attacks are not attempts to access student data, and at no time was student data compromised. We understand this caused difficulties today for learners and we apologize for any inconvenience.

Pearson has been DDos’d many times in the past; just last year Pearson VUE was apparently down for 5 days:

In the blizzard of paper from my FOIA to NC DPI on Powerschool, a DDoS attack on Pearson was revealed. This attack affected ALL schools in North Carolina using Powerschool.

The press release crafted for NC DPI by Greg Parrish of Pearson softens the original message he sent regarding the attack. Both of these emails are documented in my tweets below:

About A.P. Dillon

A.P. Dillon is a reporter currently writing at The North State Journal. She resides in the Triangle area of North Carolina. Find her on Twitter: @APDillon_ Tips:
This entry was posted in A.P. Dillon (LL1885), EDUCATION, NC DPI, Testing and tagged , , . Bookmark the permalink.