Apply Visit Campus Request Info Give
ForesterNet Search Menu

News and Events

Lake Forest College / News and Events / Update on MOVEit software and third-party vendor data breaches

Update on MOVEit software and third-party vendor data breaches

aerial shot of college
July 25, 2023
Ravi Agarwal, Chief Information Officer

Lake Forest College is actively monitoring and responding to data breaches related to MOVEit Transfer, a file transfer software used by many third-party vendors.

The College was alerted to the hack by third-party service providers National Student Clearinghouse (NSC), United Healthcare, and TIAA. 

MOVEit software enables organizations to transfer large data files between systems and was being used by these third-party organizations. This breach is affecting colleges and universities internationally.  

No systems that are operated or maintained by Lake Forest College were breached. This incident is localized to the third-party vendors. The third-party vendors that have been impacted by the breach currently identified include: 

  • TIAA: a financial provider for educators and academics 
  • The National Student Clearinghouse: a national nonprofit that collects enrollment and other student data from thousands of colleges and universities  
  • United Healthcare: a health insurance provider serving college students 

The information contained on the MOVEit server varies by individual and may have included personally identifiable information, though at this time it does not appear that financial information is included.  

While TIAA and NCC are still investigating, according to United Healthcare, the following information was exposed: 

  • First and last name 
  • Date of birth 
  • Address 
  • Health insurance member identification number 
  • Dates of service 
  • Provider names 
  • Claim information 
  • Group name and number 

These third-party providers will be notifying any faculty, staff, or students impacted by this breach individually with steps to mitigate risk and protect data, along with additional monitoring services.  

While there was no breach to Lake Forest College’s infrastructure, these third-party provider breaches are concerning. The College recommends individuals stay vigilant and take precautionary steps to protect sensitive data: 

  • Be aware of the possibility of  phishing emails.
  • Create effective passwords.
  • Use multifactor authentication on devices and accounts whenever possible. (This is already required for all Lake Forest College systems.) 
  • Do not maintain data and files that are not needed.
  • Pull a free credit report annually. You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting annualcreditreport.com or by calling toll-free 877-322-8228. 

The College will continue to monitor this situation and will update this story as more information becomes available.  

News and Events