School management software provider discloses severe security breach

Active Network discloses security incident that impacted school online stores built on the Blue Bear platform.

Active Network, a company that provides web-based school accounting software for K-12 schools and districts, disclosed a severe security breach earlier this week.

The US-based company said hackers gained access to Blue Bear, a software platform that facilitates administration and management of school accounting, student fees, and online stores on behalf of schools and other educational institutions.

Parents who accessed a school's (Blue Bear-based) web store to pay school fees or buy books and school supplies between October 1, 2019, and November 13, 2019, might have had their personal data stolen by hackers, Active Network said.

The type of data hackers might have collected includes their name, payment card number, payment card expiration date, payment card security code, and store username and password.

The school is still investigating the incident but has already started notifying affected parents, according to a data breach notification letter obtained by ZDNet.

Based on the type of data Active Network said hackers might have collected, this appears to be a so-called web skimming (Magecart) attack -- where hackers breached Active Network's Blue Bear platform and planted malicious code on Blue Bear school stores that collected users' payment details in real time, while they were paying fees and buying products.

These types of attacks were some of the most common hacks last year, and the FBI issued a security alert last October, warning the US private sector to deploy security measures and safeguard online stores against possible compromises.

An Active Network spokesperson could not be immediately reached over the weekend for additional insights and comments.

A Tulsa-based law firm is currently conducting an investigation into the breach, and asking impacted victims to come forward, in the hopes of filing a class-action lawsuit.