In September, we were alerted by an exposure management company regarding a potential vulnerability relating to the configuration of an endpoint in Parent Portal. We immediately investigated the issue and determined that the information potentially exposed consisted of encrypted passwords (i.e., unusable credentials), school and district names, and directory-type information. However, given that the configuration potentially exposed information we did not intend to leave exposed regardless of whether it was usable or statutorily protected, we researched the issue and resolved it in the next build of the product.
Education Logistics treats the security of all of our products as one of our very highest priorities and is always working to enhance our security measures. The collaborative approach of third parties and independent researchers is an important part of how we reduce and protect the attack surface of our products.
If you have questions or concerns, please reach out to your Account Manager.