Paulina Okunytė reports:
Learnosity, an e-learning platform with more than 40 million learners, has disclosed a cybersecurity incident that affected users’ private data.
A notice to affected clients on June 17th informed users of a “data security incident” that may have exposed their data. A publicly shared copy of the notice did not specify the user data points in question.
[…]
The company told Cybernews that the incident was a phishing attack targeting HR staff. As a result of the attack, an employee list was viewed but not downloaded. According to the company, the targeted employee had no access to the product or user data.
“We disclosed out of an abundance of caution, and adherence to various legal obligations,” said the company spokesperson.
Read more at Cybernews.