Hundreds of US schools compromised following ransomware hack

A white padlock on a dark digital background.
(Image credit:

The National Student Clearinghouse has become the latest major victim of the infamous MOVEit managed file transfer breach. 

However, the problem is - this organization is a service provider, servicing thousands of high schools and colleges across the US, and as a result, almost 900 schools have had sensitive data taken.

In a breach notification letter posted on the website of the Office of the California Attorney General, the National Student Clearinghouse confirmed the breach and detailed which information was taken.

Hundreds of victims

“After learning of the issue, we promptly initiated an investigation with the support of leading cybersecurity experts. We have also coordinated with law enforcement. Through our investigation, on June 20, 2023, we learned that an unauthorized party obtained certain files from the MOVEit tool. The issue occurred on or around May 30, 2023,” the notice reads.

“The relevant files obtained by the unauthorized third party included personal information such as name, date of birth, contact information, Social Security number, student ID number, and certain school-related records (for example, enrollment records, degree records, and course-level data). The data that was affected by this issue varies by individual.”

The National Student Clearinghouse is a non-profit organization providing educational reporting, verification, and research services to colleges and universities in North America. More than 3,600 colleges and universities are part of this network, as are some 22,000 high schools.

The organization said it patched its MOVEit instance and placed additional monitoring capabilities on its endpoints. At the same time, it gave the victims two years of identity monitoring services. 

The National Student Clearinghouse is just the latest in a long string of victims of a supply chain attack that started with the breach of MOVEit.

MOVEit is a managed file transfer service used by hundreds of organizations and corporations, both in the private and public sectors. It was compromised by a known ransomware actor - Cl0p. Infosecurity Magazine says, citing experts, that the threat actor could make as much as $100 million by extorting the victims of the breach, without breaking a sweat.

Via Infosecurity Magazine

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.