One major nonprofit has become the victim of a disclosed major data breach, affecting 890 schools all across the US: the National Student Clearinghouse, or NSC. The organization has announced that they have experienced a considerable data breach that has put their clients’ data at risk. What does this mean for affected organizations and their clientele?
This isn’t just an announcement that there may have been a breach; this is a breach, and the Office of the California Attorney General and NSC administrators have confirmed that hackers gained access to the MOVEit managed file transfer server on May 20, 2023. They then stole files containing personal information such as names, dates of birth, contact information, Social Security numbers, student ID numbers, and other records.
If you would like to learn more about the specifics of the breach, you can do so by reading the official report.
This organization is notable in that it provides educational reporting, data exchange, verification, and other such services to about 22,000 secondary schools and around 3,600 colleges across the nation. It’s estimated that this attack has exposed the personally identifiable information of over 50,000 individuals.
A zero-day flaw exposed the NSC’s MOVEit managed file transfer system to an attack by the Clop ransomware gang, who has taken responsibility for the attack against NSC. After gaining access to the server, they extorted organizations that were affected by the attack on NSC. Only a handful of them have handed over ransoms to Clop, but even that is enough to give the ransomware gang tens of millions of dollars in profits.
We know that the number of businesses you work with every day might not be at the same level as NSC, but the fact remains that anyone you do work with, including your business partners, clients, and even employees, could be at risk of a ransomware attack due to negligence on your part. Don’t let the bad guys win—start working with FRS Pros today by calling us at 561-795-2000.