Association Of Texas Professional Educators Confirms Breach
ATPE said that while it has no evidence that anyone's information has been misused, it is notifying members "out of an abundance of caution and for purposes of full transparency."
Alan J June 20th, 2024
Share on LinkedInShare on Twitter
The Association of Texas Professional Educators (ATPE) is notifying more than 414,000 of its members that their personal information may have been compromised in a data breach incident that occurred earlier this year.
ATPE is largest community of educators in Texas, and aims to elevate public education in the state. The association advocates for Texas educators and provides affordable, high-quality products and services, including legal and educational services.
The professional organization for educators said in a recent letter that it detected suspicious activity on its network on Feb. 12 and launched an investigation with the help of a cybersecurity firm.
Association of Texas Professional Educators Data Breach
On February 12, 2024, ATPE detected abnormal activity on its network, which led to a comprehensive forensic investigation. The investigation concluded on March 20, 2024, and found evidence that some of ATPE’s systems had been accessed by an unauthorized user.
Based on this finding, ATPE reviewed the affected systems to identify the specific individuals and types of information that may have been compromised. The accessed information varied depending on when members joined:
- For those who became members before May 15, 2021, the breach may have exposed names, addresses, dates of birth, Social Security numbers and medical records. Tax Identification Numbers could also possibly have been accessed if employers used them as identifiers.
- For members who received payments from ATPE via ACH transactions, financial account information could also have been accessed.
ATPE said that while it has no evidence that anyone’s information has been misused, it is notifying members “out of an abundance of caution and for purposes of full transparency.”
Response to Breach Incident and Credit Offering
Since discovery of the breach, ATPE stated that it has taken several steps to secure its systems, including:
- Disconnecting all access to its network.
- Change of administrative credentials.
- Installation of enhanced security safeguards on ATPE’s environment and endpoints.
- Restoration of ATPE’s website in a Microsoft Azure hosted environment.
The organization said it will continue efforts to mitigate potential harm in the future. ATPE is providing affected members with free credit monitoring and identity protection services for one year through Cyberscout, a company specializing in fraud assistance. Members must enroll by Sept. 15, 2024. Details on how to activate the free services are included in the notification letters sent to members’ homes.
The association has also advised individuals to remain vigilant for possible incidents of identity theft and fraud, review account statements, and monitor credit reports for suspicious or unauthorized activity.
ATPE said it sincerely regrets any concern or inconvenience caused by the incident but remains committed to safeguarding users’ personal information. Law firm Federman & Sherwood has announced that it would conduct a separate investigation into the Association of Texas Professional Educators data breach.