Nate Howe
September 11, 2023
MOVEit software, which helps organizations transfer large files, was recently exploited by a criminal organization known as Clop. Nationwide, millions of victims have been impacted by the MOVEit vulnerability, including some universities in Texas. Because a University of Texas at Dallas partner, the National Student Clearinghouse (NSC), is a customer of MOVEit software, the UTD Information Security Office began working with the company to verify whether UT Dallas information was at risk.
Though no IT systems operated or maintained by UT Dallas were involved in this recent incident, UT Dallas information was potentially at risk. Information transfers to NSC are common practice among universities.
NSC launched an investigation which confirmed that an unauthorized party exploited a vulnerability in MOVEit software. The information in question included names and identification numbers unique to the company. It does not include Social Security numbers, student identification numbers, contact information, dates of birth, or financial information. Though UT Dallas was not harmed, we recognize that other universities might not be so fortunate. We will continue to monitor the situation and ensure that we meet our obligations under applicable state and federal law with respect to the handling of personal information and incident reporting. At this time, individual notifications are not required.
If you have questions or concerns that can help us build a stronger environment to study, research, and work, please do not hesitate to contact infosecurity@utdallas.edu.