National Student Clearinghouse MOVEit breach impacts nearly 900 schools

2023-09-25 11:18

US educational nonprofit organization National Student Clearinghouse has revealed that the breach of its MOVEit server ended up affecting almost 900 colleges and universities, and resulted in the theft of personal information of their students.

NSC has filed a breach notification letter with the California Attorney General's Office on behalf of the affected schools.

The notification letter informed affected students - whose total number has not been disclosed - about the security breach resulting from a cyberattack that exploited a vulnerability in the MOVEit managed file transfer solution.

"Through our investigation, on June 20, 2023, we learned that an unauthorized party obtained certain files from the MOVEit tool," the data breach notice reads.

"The upstream/downstream in many MOVEit incidents is extremely complex, with some organizations being impacted because they used a vendor which used a contractor which used a subcontractor which used MOVEit. Additionally, some organizations have had MOVEit exposure via multiple vendors," noted Emsisoft's Zach Simas.

In late June, 2023, NSC notified the schools about the MOVEit breach, but did not provide many details as the investigation was still ongoing.

News URL

https://www.helpnetsecurity.com/2023/09/25/clearinghouse-moveit-breach/

#breach #moveit