The National Student Clearinghouse is an organization that specializes in verifying the identity of students attending college in the United States. The company works with thousands of different schools and processes data for students attending all of them. This organization handles a huge amount of personal information, which is devastating to students because it was just breached.
The National Student Clearinghouse relied on the MOVEit file transfer tool to move delicate information around. That information became available to hackers through a zero-day exploit. Through the exploit, the attackers were able to access database storage containing data for thousands of different students.
The creators of MOVEit announced the existence of a Zero-Day exploit on May 31, 2023. Attacks on MOVEit users started at the end of May and continued throughout June.
The National Student Clearinghouse breach impacts thousands of students at many different universities. Schools such as SUNY Fredonia, St. Petersburg College, Colorado State University, the University at Buffalo, and many others were impacted by these attacks. The National Student Clearinghouse informed all the schools that may have been affected and the schools are notifying their students individually or through public announcements.
We don't have a specific file count for this college data breach. We only know that dozens of universities may be involved, and thousands of students are at risk of being exposed or attacked, or suffering from identity theft.