Acitve Network’s
Blue Bear Software platform reported that unauthorized activity in its network earlier
this year resulted in customer PII being exposed.

The company
reported the issue to the California
Attorney General’s office stating it recently became aware that between Oct.
1, 2019 and Nov. 13, 2019 there was illegal activity taking place on its Blue
Bear platform during which time personal information was accessed or acquired
by malicious actors.

Blue Bear
makes software for public K-12 schools and school districts.

The
information possibly accessed included name, payment card expiration date and
security code and Blue Bear account usernames and passwords. The attackers did
not access Social Security numbers, driver license numbers, or similar
government ID card numbers.

“As soon as
we identified the suspicious activity, our counsel engaged a leading cybersecurity
firm to investigate the incident and took steps to enhance its monitoring tools
and security controls. We are also offering you free identity monitoring
services,” the company said.