University Affairs

Third-Party Data Breach May Affect Some USU Students and Employees

A walkway near the Taggart Student Center on USU's Logan campus.

Full Size

Utah State University has been notified by three vendors, the National Clearing House, TIAA, and the Hartford, that they have experienced a data breach in a file transfer software package called MOVEit Transfer, and that this breach has impacted the data of some USU employees and students.

Importantly, no systems operated or maintained by USU were breached. Still, the university is actively monitoring the situation and will share relevant future information it receives from the NSC, TIAA, and The Hartford. Employees and students whose data was exposed in this breach will be contacted by mail by the National Clearing House and PBI, which is a subcontractor to TIAA and the Hartford. This notice will include more information about the data impacted and also offer two years of complimentary credit monitoring and identity restoration services through Kroll, a risk advisory firm.

The university has more information about this data breach available on its website.

In general, USU recommends all students and employees take the following actions to help protect themselves:

  • Be extra vigilant: It is possible that cybercriminals may leverage stolen personal information from this attack to craft convincing phishing attacks in the coming weeks and months. An email, notice, or text message containing accurate information about you or one of your accounts is not enough to verify authenticity. Verify the source of a message before responding. Take note of how to identify a phishing attack. Phone calls may also be used to obtain personal or financial information.
  • Monitor your financial accounts and credit:It is always wise to monitor your credit report for unusual activity. Consider putting a credit freeze in place to frustrate would-be scammers if you believe you are being targeted.
  • Secure your accounts:Remember to enable two-factor authentication and to use long passphrases for all of your accounts. Never give someone your password or a two-factor code if asked for it, even if they claim to be from a trusted organization.
  • Update your Banner Account: Keep you Banner account updated to ensure you receive important notices.

CONTACT

Amanda DeRito
Associate VP of Strategic Communications
University Marketing and Communications
435-797-2759
Amanda.derito@usu.edu

Comments and questions regarding this article may be directed to the contact person listed on this page.

Next Story in University Affairs

See Also

Trending on Utah State Today