勒索软件组织Clop的MOVEit数据泄露对高等教育机构产生了怎样的影响?
网络安全攻击一直在全国范围内发生,暴露了Progress Software公司MOVEitbet9平台游戏的安全问题.
据信,勒索软件组织Clop的目标是MOVEit文件传输程序中的一个漏洞,该漏洞允许第三方查看和共享该工具用户发送的大量敏感数据.
Clop is believed to have targeted over 3,000 organizations in the U.S. and reportedly stolen at least 38 million individual records, including information on the student record database.
Several colleges, including UCLA, St. 玛丽大学、韦伯斯特大学、三一学院和米德尔伯里学院都有 expressed concerns stating they have been caught up in the cyberattack. The extent of the impact on the higher education sector continues to grow, with some of the most high-profile names sharing their situation below.
- 国家学生信息中心刚刚报告了一个属于MOVEit漏洞的网络安全问题. 国家学生信息中心的任务是收集美国各大学的入学和其他学生数据. According to its ongoing investigation, 当局确定这些文件是通过信息交换所的MOVEit程序访问的. 国家学生信息中心不确定哪些数据被泄露,但该组织确定学生记录数据库文件被最低限度地访问并可能被Clop泄露. Clearinghouse目前正在寻求执法部门和全球网络安全公司的支持.
- One of TIAA’s third party vendors, PBI Research Services (“PBI”), also has been affected by the MOVEit breach. PBI的工作是为保险机构和养老基金处理私人信息. 由于这一违规行为,PBI向受影响的客户提供两年的免费信用监控.
- Several colleges including Webster, 三一学院和米德尔伯里大学报告称,他们受到了TIAA和Clearinghouse违规行为的影响. TIAA为15000多家机构提供bet9平台游戏,因此这次数据泄露可能会造成相当大的损失.
- Announced recently, 加州教师退休系统(CalSTRS)和加州公务员退休系统(CalPERS)已经受到MOVEit黑客的影响. 加州公务员退休基金提到,这一事件影响了大约770人的个人信息,000 of its members. 加州公务员退休基金正在采取强有力的行动来保护和bet9平台游戏其成员的经济利益.
- 佐治亚大学系统也受到了这波网络安全漏洞的打击. They are unaware of whether their system contracted Clop or paid a ransom. Their experts are designing software updates to fix the security problem.
- 在约翰霍普金斯大学和约翰霍普金斯卫生系统中发现了另一起与MOVEit漏洞有关的网络安全事件. 其中一些数据包括姓名、健康账单记录和联系信息. The university said it will be reaching out to impacted members.
How Can Schneider Downs Help?
如果您认为您的组织受到MOVEit攻击的影响或有任何其他问题, please contact our team at cybersecurity@lgmobilereg.com.
About Schneider Downs Higher Education Services
施耐德唐斯高等教育产业集团是一个由经验丰富的专业人士组成的专业团队,专门为从高中到大学的机构提供bet9平台游戏. Our experience in audit and assurance, tax advisory, 技术和数据等使我们的专业人员保持领先于最新趋势, 关注教育行业的发展和挑战,为客户提供及时可行的解决方案.
To learn more, visit our Higher Education Industry Group page.
About Schneider Downs Cybersecurity
施耐德唐斯网络安全实践由提供全面信息技术安全bet9平台游戏的专家组成, including penetration testing, intrusion prevention/detection review, ransomware security, 脆弱性评估和一个健壮的数字取证和事件响应团队. In addition, 如果您怀疑或正在经历任何类型的网络事件,我们的数字取证和事件响应团队可拨打1-800-993-8937,24x7x365.
To learn more, visit m9r3.lgmobilereg.com/cybersecurity.
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, at m9r3.lgmobilereg.com/subscribe.