MOVEit Vulnerability Impact at Stockton
Recent news reports have highlighted multiple data breaches impacting millions, stemming from a security vulnerability in the MOVEit file transfer software. This software is utilized by several third-party organizations that maintain relationships with numerous corporations and higher education institutions.
Implications for Stockton University
NSC (National Student Clearinghouse) Incident:
Stockton University was informed by the National Student Clearinghouse (NSC) about a cybersecurity issue connected to the MOVEit vulnerability. This involved student data from Stockton. The NSC collaborates with thousands of educational institutions, including Stockton, to collect student data as mandated by the U.S. Department of Education. Following an in-depth analysis by a top-tier cybersecurity firm, NSC has assured Stockton that no confidential student data from our institution was compromised during the breach. Consequently, no follow-up actions are necessary on our part.
TIAA (Teachers Insurance and Annuity Association) Incident:
Stockton was informed by TIAA that a vendor associated with them was affected by the same MOVEit vulnerability. This means that employees utilizing TIAA's services might have been at risk, with potential exposure of personal details like names, birth dates, and Social Security numbers. After an exhaustive investigation, TIAA is now in the process of sending out data breach notification letters to those affected, alongside guidance on future measures.
It's essential to emphasize that Stockton's internal data systems were never compromised at any point during these incidents. We prioritize data privacy and information security at Stockton, and our intent with this communication is to maintain transparency with our community.