Goddard Systems, LLC, which manages The Goddard School® franchise system, has recently notified individuals of a cybersecurity incident potentially affecting their personal data. The incident was first identified on September 13, 2023, when suspicious activity was detected in an employee’s email account. In response, Goddard Systems secured the compromised account and enlisted the help of third-party cybersecurity forensic experts to determine the scope and nature of the abnormal activity, which was traced back to activities starting on September 8, 2023.
Upon a thorough investigation, it was determined that the email account contained personal data including names of individuals. The investigation concluded on March 13, 2024, and revealed that while sensitive data was indeed exposed, there was no evidence to suggest that this information was accessed or misused by unauthorized parties. Despite the lack of direct access evidence, the potential risk prompted Goddard Systems to take preventive measures to secure and mitigate any possible damage.
As a precaution and part of its commitment to the affected individuals’ security, Goddard Systems is offering complimentary credit monitoring and identity theft protection services. These services are provided by Cyberscout, a TransUnion company, and include immediate alerts on changes to credit files for twenty-four months, along with proactive fraud assistance. This initiative reflects Goddard’s proactive stance in dealing with the data breach, aiming to support and protect individuals potentially impacted by the incident.
Additionally, Goddard Systems has taken significant steps to bolster its cybersecurity measures following the incident. These include resetting multi-factor authentication protocols, revising email access policies, and enhancing permission restrictions to fortify its digital infrastructure. The company has also notified state regulators as required, and continues to review and improve its data security policies and procedures to prevent future occurrences. This incident underscores the ongoing challenges organizations face in securing personal data and the importance of robust cybersecurity practices.
