Marshall University Information Technology (MUIT) continues to gather more information from National Student Clearinghouse (NSC) and TIAA regarding a recent security breach involving the MOVEit Transfer tool and the effect of that breach on our community.
We have been notified by two of the College’s service providers, National Student Clearinghouse (NSC) and Teachers Insurance and Annuity Association (TIAA), that certain personally identifiable information and data of some members of our community may have been impacted by the MOVEit Transfer tool data breach that is affecting millions across the country.
Marshall does not use the MOVEit Transfer tool and is not responsible for this data breach. NSC and TIAA have assured Marshall that any affected community member will be formally notified directly and provided information about next steps and whom to contact for inquiries. For those impacted, bear in mind that it is possible that the data in question could have been provided by another institution that uses the services of NSC or TIAA, and you might receive multiple notices.
Safety Precautions You Can Take Now: This unfortunate situation is a reminder that you can take precautionary steps sooner rather than later to protect yourself from data breaches. Regardless of whether your data was exposed in this incident, it is good practice to institute the following steps:
• Frequently review your financial accounts. See the FTC’s “warning signs of identity theft.”
• Check your credit report at annualcreditreport.com.
• Consider placing a credit freeze on your credit report, with each of the three credit reporting agencies—Equifax, Experian, and TransUnion.
• Students should consider enrolling in an identity theft protection service such as TrueIdentity from TransUnion.
Regarding NSC: NSC provides required compliance reporting, data exchange, verification, and research services to many higher education institutions. NSC shared more information on their website.
Regarding TIAA: TIAA provides investment and insurance services for employees working for many organizations in the nonprofit industry in academic, research, medical, government, and cultural fields. TIAA has informed Marshall that the incident involves PBI, a vendor that TIAA uses for verifying death notices and that uses the MOVEit Transfer tool.
MUIT is leading the team that is actively assessing and monitoring the situation. When there is new information, we will communicate further.