Lesley University was notified by the National Student Clearinghouse (“NSC”) of a data security incident involving the MOVEit file transfer service, a third-party software tool used by NSC to support the transfer of files. NSC, a nonprofit and nongovernmental organization, is a provider of educational reporting, student data exchange, verification, and research services.
According to NSC, a security vulnerability in MOVEit enabled unauthorized access to files transferred by NSC through the service. NSC launched an investigation, which revealed that personal information appeared in some of the affected files. NSC took measures to protect customer data and is working with law enforcement.
NSC provided information to Lesley which shows that general student information such as name and contact information of some students was in affected files. No personal information such as social security numbers, dates of birth, and student identification numbers of Lesley students was in the affected files.
The exposure was part of a global data security incident involving MOVEit, which is used by thousands of organizations around the globe. As has been reported in the press, this MOVEit incident has impacted state and federal government agencies, financial services firms, pension funds, and many other types of companies and not-for-profit organizations.
All students are advised to monitor their online accounts for possible suspicious activity, use strong online passwords and regularly update them, enable two-factor authentication for accounts, and be vigilant about emails, texts, phone calls, and notices from unfamiliar sources seeking to obtain personal and financial information.
For more information, review NSC’s MOVEit Security Issue Update.
For any questions or concerns, please reach out to the Registrar’s office by submitting a ticket on the Support Hub or by sending an email to help@lesley.edu.