National Student Clearinghouse data breach impacts 890 schools


U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States.

In a breach notification letter filed with the Office of the California Attorney General, Clearinghouse said that attackers gained access to its MOVEit managed file transfer (MFT) server on May 30 and stole files containing a wide range of personal information.

“On May 31, 2023, the Clearinghouse was informed by our third-party software provider, Progress Software, of a cybersecurity issue involving the provider’s MOVEit Transfer solution,” Clearinghouse said.

“After learning of the issue, we promptly initiated an investigation with the support of leading cybersecurity experts. We have also coordinated with law enforcement.”

The personally identifiable information (PII) contained in the stolen documents includes names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).

According to the data breach notification letters, the data exposed in the attack varies for each affected individual. The complete list of educational organizations affected by this massive data breach can be found here.

Clearinghouse provides educational reporting, data exchange, verification, and research services to roughly 22,000 high schools and around 3,600 colleges and universities.

The organization says its participants enroll roughly 97% of students in public and private institutions.

Clop ransomware gang behind the MoveIT hacks

The Clop ransomware gang is responsible for the extensive data-theft attacks that started on May 27, leveraging a zero-day security flaw in the MOVEit Transfer secure file transfer platform.

Starting June 15, the cyber criminals began extorting organizations that fell victim to the attacks, exposing their names on the group’s dark web data leak site.

The fallout from these attacks is anticipated to impact hundreds of organizations globally, with many already notifying affected customers over the past four months.

Despite the widespread potential victim pool, estimates from Coveware suggest that only a limited number are likely to yield to Clop’s ransom demands. Nonetheless, the cybercrime gang is expected to collect an estimated $75-100 million in payments due to the high ransom requests.

Reports have also revealed that multiple U.S. federal agencies and two U.S. Department of Energy (DOE) entities have fallen prey to these data theft and extortion attacks.

H/T Brett Callow

Original Source

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.