A Message to Our Community: August 14, 2023
Posted in: University
The University has been notified by one of our vendors, the National Student Clearinghouse (NSC), that NSC was affected by the recent cyber security vulnerability of MOVEit. MOVEit is a popular file transfer tool owned by Progress Software and used by hundreds of organizations to send and receive data. In addition, the retirement benefits provider, the Teachers Insurance and Annuity Association (TIAA), has notified Bloomfield College that one of TIAA’s vendors also uses MOVEit to send and receive data, and that it is possible that information about Bloomfield employees may have been exposed.
Data for Montclair students is sent to NSC to provide attendance verification and transcripts to students. Because of this incident, NSC has informed us that certain information pertaining to Montclair students may have been exposed.
NSC’s investigation into the incident is underway, and the next phase is to identify the individuals whose personal information appears in the affected files, so that those individuals can be notified of the incident. Additional details about the incident are available on NSC’s website. Individuals confirmed to be involved in the incident will receive notice of the incident directly from NSC.
Like NCS, TIAA is performing a forensic investigation to determine what data was involved in the incident. At this time, Montclair has no reason to believe that any of its information, including information pertaining to current Montclair employees, was affected by the TIAA incident. TIAA has already notified the affected Bloomfield employees of the incident and the actions that TIAA will be taking.
At this time, Montclair has no reason to believe that any of its information, including information pertaining to Montclair employees, was affected by the TIAA MOVEit incident.
Montclair will provide updates about the NSC incident as more information becomes available. However, we wanted to make you aware of this situation now and let you know that our cybersecurity and legal teams are monitoring the situation very closely.
Importantly, Montclair’s and Bloomfield’s data systems were not breached or impacted by this incident.
To learn more about what you can do to help increase your cyber safety, read these tips from the U.S. Cybersecurity and Infrastructure Safety Agency.
If you are concerned that your personal information has been compromised or exposed, read this guide from the U.S. Federal Trade Commission.