Acitve Network’s Blue Bear Software platform reported that unauthorized activity in its network earlier this year resulted in customer PII being exposed.
The company reported the issue to the California Attorney General’s office stating it recently became aware that between Oct. 1, 2019 and Nov. 13, 2019 there was illegal activity taking place on its Blue Bear platform during which time personal information was accessed or acquired by malicious actors.
Blue Bear makes software for public K-12 schools and school districts.
The information possibly accessed included name, payment card expiration date and security code and Blue Bear account usernames and passwords. The attackers did not access Social Security numbers, driver license numbers, or similar government ID card numbers.
“As soon as we identified the suspicious activity, our counsel engaged a leading cybersecurity firm to investigate the incident and took steps to enhance its monitoring tools and security controls. We are also offering you free identity monitoring services,” the company said.