State University of New York campuses reports MOVEit related data breach

State University of New York (SUNY) Broome, along with other SUNY campuses across New York State, is reporting being impacted by a statewide data breach affecting students, employees, and retirees, involving three vendors:

• National Student Clearinghouse,
• TIAA,
• Corebridge,

All incidents are linked to their MOVEit transfer software vulnerabilities.

Although the data leak was initially discovered in June, campus communities are being notified only now, after it was confirmed that theree is a risk of personal identifying information might have been compromised, potentially including student ID numbers and Social Security numbers.

As of August 7, SUNY Broome reported that there's no indication of any attempted unauthorized use of the compromised data.

The assurance has been provided by the vendors that their systems are now secure, and they are collaborating with the FBI and global security experts for an ongoing investigation into the extent of the cyber incident.

Affected individuals will receive notifications from the organizations in the coming weeks, and SUNY Broome recommends that those affected take advantage of their right to obtain a free annual credit report for added security.