"Third-Party Data Breach Impacts WSU Community Members"

Many businesses and organizations worldwide have been impacted by a cybersecurity incident related to a widely used filesharing application known as MOVEit Transfer.  While Washington State University (WSU) does not use the MOVEit software, WSU has recently received notifications from third-party service providers that personally identifiable information from some current and prospective WSU students and employees may have been exposed.  The third-party service providers who have contacted WSU include the National Student Clearinghouse (NSC), the Teachers Insurance and Annuity Association (TIAA), and United Healthcare.  The National Student Clearinghouse is a nonprofit organization that provides educational reporting, data exchange, and verification services to more than 3,600 colleges and universities nationwide.  WSU works with the clearinghouse for a variety of purposes, including enrollment and degree verification services and student loan reporting requirements.  Data provided to the National Student Clearinghouse includes personally identifiable information and education records.  TIAA is a financial organization that offers investment and insurance services to employees working in the academic, research, medical, governmental, and cultural fields.  WSU provides names, addresses, dates of birth, and social security numbers for those employees who choose to participate in TIAA services.  The data transferred from WSU to TIAA was not compromised.  However, TIAA has indicated that Pension Benefit Information, LLC, an outside vendor it shares information with, has been impacted.  United Healthcare makes health insurance plans available to college students across the country, including at Washington State University.  United Healthcare notified the university that personally identifiable information, as well as claims information, for some of its WSU student customers, was accessed during a MOVEit Transfer cyberattack in June.

 

Washington State University reports: "Third-Party Data Breach Impacts WSU Community Members"

Submitted by Anonymous on