CATEGORIES
home News

Clearinghouse Gets An F- Grade For Data Breach Affecting Nearly 900 US Schools

by Nathan OrdMonday, September 25, 2023, 12:25 PM EDT
national student clearinghouse data breach with moveit vulnerability
Nonprofit NGO National Student Clearinghouse handles student data reporting and exchange, serving 3,600 universities and 22,000 high schools around the United States. However, being “the leading provider of educational reporting, data exchange, verification, and research services” would make the organization a rather interesting target for threat actors looking to acquire significant amounts of student data. This is what has seemingly happened as a data breach notice has gone out to individuals associated with 890 schools who have had their personal information compromised.

Earlier this week, the National Student Clearinghouse reported that a breach had taken place in May of this year. Per the breach notice, the NSC was notified by its third-party software provider that there was an issue with the MOVEit Transfer software. This triggered an investigation into the tool, given the recent breaches involving the software, which led to the discovery that an “unauthorized party obtained certain files from the MOVEit tool.”

letter national student clearinghouse data breach with moveit vulnerability

This breach led to the compromise of files that contained “personal information such as name, date of birth, contact information, Social Security number, student ID number, and certain school-related records (for example, enrollment records, degree records, and course-level data).” However, it is also noted that the data compromised varies from person to person, as not all affected people had all their information in the breached files. Regardless, given the severity of this breach, NSC is offering free two years of identity monitoring services to all affected by the breach.

It is believed that this breach is thanks to the Clop ransomware group, which has compromised a slew of organizations thanks to the MOVEit vulnerability. This includes a residential energy provider based out of New England as well as photography and personalized items manufacturing company Shutterfly. However, Clop has not yet claimed National Student Clearing House, so we will have to wait and see if it was that group responsible for the attack.
Tags:  security, cybersecurity, data-breach
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment