Abstract
A major nonprofit has disclosed a major data breach that has affected 890 schools across the United States. The National Student Clearinghouse (NSC) has announced that they have been the victim of a data breach that has put its clients’ data at risk. Let’s take a look at what this means.
It’s an Official Breach
This information comes from the Office of the California Attorney General. NSC administrators have claimed that attackers successfully gained access to the MOVEit managed file transfer server on May 30, 2023, and were able to make off with files containing a vast array of personal information that includes names, dates of birth, contact information, Social Security numbers, student ID numbers, and some other school-related records.
U.S. educational nonprofit National Student Clearinghouse (NSC) has disclosed a data breach affecting 890 schools using its services across the United States. If you would like to learn more about the breach, you can access the official report from the organization here.
The organization provides educational reporting, data exchange, verification, and other services to over 22,000 secondary schools and around 3,600 colleges nationwide. Overall, it has been estimated that over 50,000 individuals have had some form of personally identifiable information (PII) leaked in the attack.
Ransomware Group Behind the Attacks
By using a zero-day security flaw in NSC’s MOVEit managed file transfer system, the Clop ransomware gang has claimed responsibility for the NSC data theft. After gaining access to the server on May 27, it started extorting organizations that fell victim to the attacks, threatening to leak information on the dark web if ransom was not paid. As of this writing, only a limited number of affected organizations have given in to Clop’s ransom demands, but those responsible are expected to collect tens of millions of dollars from the breach.
Do What You Can to Protect Your Sensitive Data
You might not work with thousands of other organizations, but you do hold some sensitive information that could hinder your business if it were to be stolen. Furthermore, no organization wants to be the victim of a ransomware extortion scheme. If you are concerned that you are apt to be exposed to cybercriminals, there are a lot of things you can do. We can help! Give our IT security experts a call today at 888-748-2525 to learn how.
ABOUT THE AUTHOR
Rafiq Masri
With over 25 years of experience in Information Technology, Rafiq is one of the most accomplished, versatile and certified engineer in the field. He has spent the past 2 ½ decades administering and supporting a wide range of clients and has helped position Network Management, Inc. as a leader in the IT Managed Services space.
Rafiq has built a reputation for designing, building and supporting top notch IT infrastructures to match the business objectives and goals of his clients.
Embracing the core values of integrity, innovation, and reliability, Rafiq has a very loyal client base with some customer relationships dating back 20+ years.
Rafiq holds a bachelor’s degree in Mechanical Engineering from the University of Michigan and has completed graduate programs in Software Engineering and Business at Harvard and George Mason University. Rafiq is a former founder and CEO of Automation, Inc. in Ann Arbor, Michigan as well as a valued speaker on entrepreneurship and technology at industry events such as ExpoTech and others.