BOISE, Idaho (CBS2) — According to a recent news release, a worldwide data breach of MOVEit Transfer software may impact the personal information of students and employees of Idaho higher education institutions maintained by the National Student Clearinghouse (NSC) and Teachers Insurance Annuity Association of America (TIAA).
There is nothing that students or institution employees need to do to secure their institution accounts or data because the data breach involves a third-party vendor used by the National Student Clearinghouse and TIAA. No systems managed by OSBE or Idaho's public higher education institutions have been compromised.
Seven of Idaho's public higher education institutions, North Idaho College, Lewis-Clark State College, the University of Idaho, College of Western Idaho, Boise State University, College of Southern Idaho and Idaho State University, have been contacted by the NSC and notified that personally identifiable information about some students attending the institutions was compromised as a result of the data breach.
OSBE and Idaho's public higher education institutions are monitoring the situation and will support NSC and TIAA's efforts regarding notification to impacted students as information becomes available.
The release says a data hacker found a vulnerability in a file transfer tool called MOVEit Transfer, which serves as a third-party vendor used by both NSC and TIAA. The breach affects higher education institutions and businesses throughout the country.
The hacker accessed and downloaded some personally identifiable information held by both entities.
The NSC believes its systems have since been secured against further intrusion. TIAA says the MOVEit Transfer vulnerability has not affected the company's internal systems, and no information was obtained from TIAA.
NSC is providing information about its response atalert.studentclearinghouse.org. Students are encouraged to monitor the website regularly for further information from the Clearinghouse. TIAA says affected individuals will receive a letter by mail offering free credit monitoring for two years.
OSBE and Idaho's higher education institutions encourage students and employees to take steps to protect themselves from potential identity theft. The Federal Trade Commission provides information about how to protect against identity theft atidentitytheft.gov/databreach.
More information about the data breach is available at: alert.studentclearinghouse.org
ncG1vNJzZmihlJa1sLrEsKpnm5%2BifK%2Bx1qxmpaeTlrlwtcOan6hlmJ60qbHRZpydrZOWwaq7zWagp6uknsG2wMiopaxlkZuzpq%2FTnptmmqlixLC%2By52uopyVYrGiwMBmmaudkZi1