Important Information Regarding the MOVEIt Data Breach
As recently reported, a major data breach is affecting millions of people. The breach involved exploiting a security vulnerability with the file transfer tool MOVEit, which is used by several organizations that work alongside Pace University.
Pace does not use the MOVEit software, however, we have been notified by our service providers, National Student Clearinghouse (NSC), Teachers Insurance and Annuity Association (TIAA), and PayFlex that personally identifiable information may have been exposed due to the use of the MOVEit software by the providers and/or their third-party vendors and partners.
Based on the information that we’ve received to date, the breach has only impacted a small portion of the Pace Community.
What Should You Do?
Those who were directly impacted by the breach will be contacted by the service providers with more information about next steps. Regardless of whether your data was exposed, it is good practice to institute the following steps to manage your personal data:
- Consider enrolling in an identity theft protection service like TrueIdentity, at no cost, from TransUnion.
- Enabling multi-factor authentication everywhere it is available and not automatically provided.
- Being vigilant in spotting email and SMS phishing attacks
- Frequently review your financial accounts. See the Federal Trade Commission’s warning signs of identity theft for tips on what to monitor.
- Check your credit report.
- Consider placing a credit freeze on your credit report, with each of the three credit reporting agencies.
- Students should review the information related to the breach provided by NSC.
The Pace team—which includes members from ITS, Human Resources, the Office of the Registrar, University Counsel, among others—is actively monitoring the situation. The service providers will be notifying those who are affected by the breach by US Mail.
For more information, please view the more detailed information NSC has posted on their website. TIAA participants who would like additional information on safeguarding their account can contact TIAA directly at (800) 842-2252 or via email at abuse@tiaa.org. Additionally, if you have received notification that you are involved, please call the phone numbers included in the notification, as they have the most up-to-date details of the incident.