MANDAN, N.D. — The personal information of about 2,500 current and former Mandan Public Schools students was exposed by a recent nationwide data breach.

About 13,000 schools and universities around the country were impacted by the data breach involving Pearson Clinical Assessment's software called AIMSweb 1.0. Districts use the software for a variety of purposes, including to monitor student academic progress.

Last week, Bismarck Public Schools announced that the information of 18,500 current and former students and 1,095 district employees was exposed in the breach.

Exposed data was isolated to first name, last name and possibly in some instances date of birth and/or email address, according to a July 31 statement from Pearson. The company wrote in a July 19 letter to Bismarck Public Schools that it believes the breach occurred in November 2018. The FBI is investigating.

The first names, last names and birth dates for 2,527 current and former Mandan students were included in the breach, according to Jeff Rerick, technology director for Mandan Public Schools. Ninety-six students had only their first and last names revealed.

WDAY logo
listen live
watch live

In addition, the first names, last names and emails of 238 Mandan Public Schools employees were exposed, according to Rerick.

He said district officials reached out to affected students and their families last week and posted a letter with more information about the breach on the district's website.

It's unclear how many North Dakota schools districts and students had their personal information compromised in the data breach. The state Department of Public Instruction does not know how many districts were affected but has reached out to Pearson and the state Information Technology Department for more information, spokesman Dale Wetzel said. The Information Technology Department did not immediately respond to a request for comment Monday, Aug. 19.

Pearson said no grade assessment information or other personally identifying information was exposed in the data breach and that the company has no evidence the information that was disclosed was misused. It's offering a free credit monitoring service to those affected.