Pearson's Legacy Data Compromised Through Exposed Access Token
Educational publishing giant Pearson has confirmed a significant data breach, in which an unauthorized actor infiltrated its systems and exfiltrated what the company describes as "legacy" data. The root cause has been traced to a critical security oversight: an exposed .git/config file that contained a GitLab Personal Access Token (PAT).
The attacker leveraged this exposed PAT to gain access to Pearson's source code repositories, where they discovered hardcoded secrets providing access to various cloud platforms and data storage systems. This security lapse created a domino effect, ultimately leading to the compromise of substantial sensitive information.
According to multiple sources familiar with the incident, the stolen data cache is extensive and includes:
- Customer personal information
- Financial records
- Internal support ticket histories
- Proprietary source code
This incident highlights the critical importance of secure credential management and the potential consequences of leaving version control configuration files exposed to public access.
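A defender-side check of the kind this incident calls for, added here as an example (it is not code from the article or from Pearson): it parses a .git/config and flags credentials embedded in remote URLs or in a hard-coded Authorization header, so they can be rotated and moved to a credential helper before the repository metadata ever reaches a web root. The sample config, hostnames, token and header value are constructed placeholders.

```python
"""Audit a .git/config for embedded secrets (added example, not Pearson's own code)."""
import re
from urllib.parse import urlsplit

# Constructed sample; hostnames, token and header value are placeholders.
SAMPLE_CONFIG = """\
[remote "origin"]
\turl = https://oauth2:glpat-PLACEHOLDER-TOKEN@gitlab.example.com/acme/legacy.git
\tfetch = +refs/heads/*:refs/remotes/origin/*
[remote "mirror"]
\turl = git@github.example.com:acme/legacy.git
[http]
\textraheader = AUTHORIZATION: basic ZXhhbXBsZTpwbGFjZWhvbGRlcg==
"""

SECTION_RE = re.compile(r"^\[(?P<name>[^\]]+)\]$")
URL_KEYS = {"url", "pushurl", "proxy"}  # keys whose value may carry userinfo

def parse_git_config(text):
    """Yield (section, key, value) triples from git's INI-like syntax."""
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        match = SECTION_RE.match(line)
        if match:
            section = match.group("name")
            continue
        key, _, value = line.partition("=")  # split on the first '=' only
        yield section, key.strip().lower(), value.strip()

def find_embedded_credentials(text):
    """Flag remote URLs with userinfo and hard-coded Authorization headers."""
    findings = []
    for section, key, value in parse_git_config(text):
        if key in URL_KEYS:
            parts = urlsplit(value)
            if parts.username or parts.password:
                # Report where the secret lives without echoing the userinfo.
                userinfo, _, _ = parts.netloc.rpartition("@")
                shown = value.replace(userinfo, "<redacted>", 1)
                findings.append({"section": section, "key": key, "value": shown})
        elif key == "extraheader" and value.lower().startswith("authorization:"):
            findings.append({"section": section, "key": key, "value": "<redacted>"})
    return findings

if __name__ == "__main__":
    for f in find_embedded_credentials(SAMPLE_CONFIG):
        print(f"[{f['section']}] {f['key']} = {f['value']}")
```

The same function can be run over every .git/config under a deployment root, or wired into a pre-deploy check that fails the build on any finding.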
This does not surprise me in the least. As an outside observer and sometimes a test-taker, the IT infrastructure appears to be held together with baling wire and duct tape.