Kennesaw State is one of 890 universities impacted by a National Student Clearing House data breach in May that targeted students’ personal information.
Kennesaw State is one of 890 universities impacted by a National Student Clearing House data breach in May that targeted students’ personal information.
Information was released in late September by the National Student Clearing House showing 890 schools affected by a data breach in May.
According to a Bleeping Computer article, stolen documents contained personally identifiable information (PII) including “names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records.”
Kennesaw is a part of the list of educational organizations that have been impacted by the breach.
Campus Safety Magazine reported that the ransomware gang known as Clop gained access to the information in late May using “SQL injection vulnerability”, which led to a zero-day security flaw.
A breach notification letter was filed with the Office of the California Attorney General saying that the attackers gained access to MOVEit, a managed file transfer server, on May 30, 2023. The notice of data breach states what kind of information was released and they also gave people affected by the data breach advice on what to do including remaining vigilant and “reviewing your account statements and monitoring your free credit reports for suspicious activity.”
Clearinghouse also arranged to offer identity monitoring services for affected individuals for two years at no cost. There is also an extra page of additional resources. Grace Salley, a junior studying Journalism and Emerging Media at Kennesaw State, said she doesn’t remember hearing about anything,
“I guess it just depends on what kind of data breach it was and what was revealed,” Salley said. “I didn’t know anything about that!”
Junior Toy Nelson and senior Xzarria Peterson, both students at the University of Alabama also said they didn’t get any emails about the breach.
“Oh, we didn’t know anything about it,” Peterson said.
As for the students who were made aware of the data breach, some protections were given.
“So our information got leaked and we were given a one-year protection in case people try to apply for credit cards or etc.,” Mercer University junior Aniyah Moore said. “Cause everyone’s social security number, addresses, etc. got leaked, alumni and parents too.”