16th Aug 2021 17:31
(Alliance News) - Pearson PLC late Monday said it has reached a settlement of an enforcement action with the US Securities & Exchange Commission pertaining to a cyber attack.
Pearson said it has agreed to pay USD1 million to settle SEC charges that it misled investors about a 2018 cyber intrusion in connection with its AIMSweb 1.0 software tool. The theft of millions of student records, including dates of births and email addresses and had inadequate disclosure controls and procedures.
"As the order finds, Pearson opted not to disclose this breach to investors until it was contacted by the media, and even then Pearson understated the nature and scope of the incident, and overstated the company's data protections," said Kristina Littman, chief of the SEC Enforcement Division's Cyber Unit. "As public companies face the growing threat of cyber intrusions, they must provide accurate information to investors about material cyber incidents."
Under the settlement, the London-based education publisher has neither admitted nor denied the findings set out in the SEC's order, including the violations.
"Pearson will be subject to a cease and desist order requiring Pearson not to engage in violations of certain provisions of the federal securities laws and will pay a civil penalty of USD1.0 million. In the order, the SEC acknowledged Pearson's cooperation with the SEC staff," Pearson said.
The stock closed 0.8% lower at 778.00 pence in London on Monday.
By Arvind Bhunjun; [email protected]
Copyright 2021 Alliance News Limited. All Rights Reserved.
Related Shares:
Pearson