Star ed-tech company discloses data breach

Learnosity, an e-learning platform with more than 40 million learners, has disclosed a cybersecurity incident.

A notice to affected individuals on June 17th informed them of a “data security incident” that may have exposed their data. A publicly shared copy of the notice did not specify the data points in question.

Learnosity states that it has taken “immediate action” to secure its systems and started an investigation to determine the nature and scope of the incident.

The company told Cybernews that the incident was a phishing attack targeting HR staff. As a result of the attack, an employee list was viewed but not downloaded. According to the company, the targeted employee had no access to the product or user data.

“We disclosed out of an abundance of caution, and adherence to various legal obligations,” said the company spokesperson.

Learnosity has offered 12 months of credit monitoring services free of charge to the affected users.

Time Magazine listed the Irish-based company among the world’s leading ed-tech companies in 2024, with just two other European companies making the cut.

In 2021, the company acquired a British company, Questionmark, which specializes in online assessment software. The incident affected both the parent company and its subsidiary.

Updated on June 18th with Learnosity’s statement. User private data, as claimed by the company, was not affected.