Diving Brief:

• Illuminate Education was acquired by Renaissance, according to the educational technology companies’ websites and an email to Renaissance customers August 24. The transition follows a January cyberattack on Illuminate Education that led to a data breach affecting the nation’s two largest school systems – New York City Public Schools and Los Angeles Unified School District — among others.
• With the acquisition, Illuminate products will now operate under the Renaissance name, Renaissance CEO Chris Bauleke said in the email to customers. Illuminate operated a tiered system of materials management platform, while Renaissance provides tools for instructional assessments, data-driven insights, and teacher-facilitated instructional delivery.
• The Illuminate acquisition was unrelated to the security incident earlier this year, Renaissance said in an emailed statement Tuesday. The amount of the acquisition was not disclosed.

Overview of the dive:

So why did Renaissance acquire Illuminate? Bauleke told customers in the email that adding Illuminate’s products to Renaissance will expand the company’s ability to provide assessments and help teachers provide better feedback and personalized learning to students.

Bauleke acknowledged in the email “that some [Illuminate] systems containing potentially protected student information were subject to unauthorized access” earlier this year.

“We have no evidence that the data was misused, but as a precaution, Illuminate has made available identity monitoring for anyone notified,” Bauleke said. “At Renaissance, we have a robust security environment across all platforms to give you confidence that your student data is protected.”

More than 40% of schools use Renaissance, according to the company’s websitewhile Illuminate Education products reach 17 million students in 5,200 schools and districts nationwide.

Given the scale of the breach, Illuminate’s issues may not be easily overlooked by some education officials.

Earlier this month, the non-profit forum Future of Privacy said it had removed Illuminate as a signatory from its Student Privacy Pledge listing, LE Journal reported. This is the first time a company has been removed from the Voluntary Data Protection Pledge, and the forum has forwarded its decision to federal and state authorities for possible legal action against Illuminate.

“Failure to uphold the covenant during a public attestation of compliance may be a deceptive and deceptive business practice under federal and state law if confirmed by these agencies,” Future of Privacy Forum said in a statement. press release reported by THE Journal.

The New York City Department of Education said Illuminate promised to encrypt student information in a data privacy and security agreement with the district. However, when the cyberattack happened, the district said the seller didn’t. In June, the department stopped using Illuminate products after the personal data of approximately 820,000 current and former students was compromised in the attack.

Illuminate said in a previous statement that there was no evidence of fraudulent or illegal activity involving unauthorized access to data. The company also said it does not store financial information or social security numbers.