– Updated 10/27/2923 – This data breach compromised 230,000 individuals according to the Detroit News.
—
If you attended the University of Michigan, your personal information is at risk. The media was full of stories about the U-M networks being shut-down at the beginning of the semester. Now we know at least one reason why. The U-M had to shut down its networks because the U.S. educational nonprofit National Student Clearinghouse (NSC) disclosed a data breach affecting UMich. The breach also impacted 890 other institutions using NSC services across the United States. Here is the complete list.
NSC said that attackers gained access to its MOVEit managed file transfer (MFT) server on May 30 and stole files containing a wide range of personal information. NSC reported the breach to the Office of the California Attorney General,
On May 31, 2023, the Clearinghouse was informed by our third-party software provider, Progress Software, of a cybersecurity issue involving the provider’s MOVEit Transfer solution
What personally identifiable information
According to Bleeping Computer the personally identifiable information (PII) stolen includes names, dates of birth, contact information, Also compromised were Social Security numbers, student ID numbers. Finally they report and some school-related records (e.g., enrollment records, degree records, and course-level data) were also stolen.
What is the National Student Clearinghouse
The National Student Clearinghouse provides educational reporting, data exchange, verification, and research services. They provide services to roughly 22,000 high schools and around 3,600 colleges and universities. The organization says its participants enroll roughly 97% of students in public and private institutions.
Who is behind the MoveIT data breach
The Clop ransomware gang is responsible for the extensive data-theft attacks that started on May 27. The attackers leveraged a zero-day security flaw in the MOVEit Transfer secure file transfer platform.
Starting June 15, the cyber criminals began extorting organizations that fell victim to the attacks, exposing their names on the group’s dark web data leak site. The cybercrime gang is expected to collect an estimated $75-100 million in payments due to the high ransom requests.
Reports have also revealed that multiple U.S. federal agencies and two U.S. Department of Energy (DOE) entities have fallen prey to MOVEit-related these data theft and extortion attacks.
Related article
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.