Sent: 2023-07-05
From: EIU
To: Various Recipients
Subject: National Student Clearinghouse Data Breach
EIU has been notified that the personal data of a portion of our students may have been impacted in a recent cyberattack on the National Student Clearinghouse (NSC). The exact impact on the data we are required to share with the NSC remains unclear. Some of the data files shared with the NSC contain personally identifiable information, including students' social security numbers and dates of birth.
The NSC employs the MOVEIt transfer tool, which recently experienced a vulnerability allowing unauthorized access. According to news reports, this MOVEIt vulnerability has affected millions of people nationwide. It's important to note that EIU does not directly contract with MOVEIt, and our local systems were not compromised in this attack.
Currently, there is no evidence to suggest that any compromised information has been fraudulently used. NSC is conducting an ongoing investigation and will directly notify the individuals whose data was accessed.
EIU is actively monitoring the situation and will share any relevant information received from NSC in the future. In the meantime, please refer to the following FAQs for more detailed information.
Where can I learn more about this breach?
The national student clearinghouse has setup a site to learn more: https://alert.studentclearinghouse.org/
Who was impacted by this breach?
The NSC has not shared with EIU which individuals are affected. The NSC has indicated that they will notify individuals directly if you are impacted.
Who can I contact if I have questions?
You can contact NSC directly through their support form.
