Pearson hit by cyberattack
These people obviously don't read. There was even recently a number of articles in relation to the amount of credentials stored within services like GitHub, GitLab and others.
There was also a staggering amount of information released on the use of AI in software development that contained sensitive information within the chat data of the respective AI services.
Education giant Pearson hit by cyberattack exposing customer data
Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned.
Lawrence Abrams
This statement comes after sources told BleepingComputer that threat actors compromised Pearson's developer environment in January 2025 through an exposed GitLab Personal Access Token (PAT) found in a public .git/config file.
A .git/config file is a local configuration file used by Git projects to store configuration settings, such as a project name, email address, and other information. If this file is mistakenly exposed and contains access tokens embedded in remote URLs, it can give attackers unauthorized access to internal repositories.
Whoops
#enoughsaid