Notice on 全国学生信息交流中心 student data breach
湖区州立大学 has recently been notified by the 全国学生信息交流中心 (NSC) of a data breach that involved personal student data that the Clearinghouse maintains on behalf of the vast majority of US higher education institutions. 根据NSC, an unauthorized third party obtained certain files, 包括学生数据文件, transferred by NSC through the MOVEit Transfer tool, 文件传输软件产品. 在得知此漏洞后, NSC launched an investigation and took steps to secure its systems. This incident took place within NSC’s system and not within the campus system. 湖区州立大学 internal data systems for student and alumni records are secure and have not been impacted by this cybersecurity incident.
此时此刻, NSC has provided no further details or specific information about the data that were affected. NSC has informed us that it is working with a third-party vendor to review affected files and identify individuals whose personal information appears in the files. 一旦审查完成, NSC has indicated it will provide us with a list of affected individuals. At that time, we will work with NSC to notify any individuals impacted. The NSC has provided the following link for individuals to monitor the incident: http://alert.studentclearinghouse.org/
常见问题解答
什么是全国学生信息交流中心?
The NSC is a non-profit organization founded in 1993 to provide educational reporting, 研究, 而数据服务为3个以上,600所高等院校.
发生了什么事?
根据NSC, software provider Progress Software recently announced a security vulnerability related to its MOVEit Transfer product, potentially affecting thousands of organizations worldwide. 根据Progress软件, an unauthorized party discovered the vulnerability in the MOVEit Transfer software, which could allow unauthorized access to files being transferred using the tool.
根据NSC正在进行的调查, they have determined that an unauthorized party obtained certain files transferred through the Clearinghouse’s MOVEit environment, including files containing data that is maintained on behalf of some of its customers. NSC has indicated there is no evidence to suggest that the unauthorized party specifically targeted the Clearinghouse or 湖区州立大学.
Is 湖区州立大学’s data system safe?
是的. While it is impossible to guarantee 100% cybersecurity, this incident took place within NSC’s system and not within 湖区州立大学’s systems. 目前, 湖区州立大学’s internal student and alumni data systems have not been impacted by this cybersecurity incident.
What information was contained in the files?
此时此刻, we do not know the extent of the data that was compromised. LRSC, along with most public and private colleges and universities across the country, 向NSC提供学生数据.
Does this incident involve the records of any alumni?
湖区州立大学’s internal alumni data systems were not affected by this incident. 然而, since we have no information about the specific files and data that were impacted, we do not yet know if data of students who have now graduated were involved.
Does this incident involve employee records?
湖区州立大学’s internal employee data systems were not affected by this incident. 然而, the underlying security issue with the MOVEIt Transfer tool has impacted many corporations, 政府机构, 世界各地的组织. An individual may receive notification of a security issue from a different organization.
LRSC是如何应对这一事件的?
湖区州立大学 takes student data privacy very seriously. Campus leaders are in active communication with the 全国学生信息交流中心 to receive updates and coordinate information.
How soon will I know if my data was compromised?
NSC notified us that it is working with a third-party vendor to review affected files and expects that review to be completed within the next few weeks. 在那之后, NSC will begin providing its campus contacts with more information on individuals affected. We will work with NSC to ensure affected individuals are promptly notified.
我可以怎样保护我的个人资料?
Here are some general guidelines to follow:
保持移动设备和应用程序的更新
• Don’t click random links or visit unknown websites
• Delete or report suspicious emails to avoid granting access to accounts
• Update and secure all home devices connected to the internet
• Use strong passwords and two-factor authentication and confirm privacy settings
• Practice safe social media use; be careful not to post personal/sensitive information
• Avoid free Wi-Fi networks to prevent compromising sensitive information
• Secure home Wi-Fi networks and digital devices by changing the factory password
• Optimize operating system, browser, and security software by installing recommended updates